Guy, Does the script conclude with: "firewall: ** All firewall rules applied **" ? If not, the iptables error should be logged.
The NAT EXT->LAN rule should work, unless the input values in the web interface are not proper. Clearly, moving any of your special /etc/modprobe.conf to /etc/modprobe.d/ would sure clean up things. Lonnie On May 4, 2010, at 6:33 PM, Guy Neale wrote: > Hi List > > I recently upgraded from AstLinux 0.6 to 0.7.1 and have have found my static > NAT to LAN routing doesn't seem to be working (as configured in firewall > rules in the web interface). I've upgraded Arno-firewall upgrade via the web > interface. All other routing seems to be working OK > > My a little lost in how all the scripts/config files bolt together, but thing > it may to something to do with symbolic links to the config arno/iptables > config files on /mnt/kb > > My current setup is internet <->pppoe/eth1(external)<->eth0(LAN) > > I've added a NAT EXT->LAN rule but don't see it with iptables -L > > the following plugins are enabled - traffic-shaper, sip-voip > > ./iptables restart yields the following errors > Sanity checks passed...OK > Stopping (user) plugins... > SIP-VOIP plugin v0.22BETA (EXPERIMENTAL!) > Traffic-Shaper plugin v1.2.03 (htb: well tested, hfsc: experimental) > Checking/probing IPv4 Iptables modules: > /sbin/modprobe ip_tables: WARNING: Deprecated config file /etc/modprobe.conf, > all config files belong into /etc/modprobe.d/. > /sbin/modprobe nf_conntrack: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe nf_conntrack_ftp: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe xt_conntrack: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe xt_limit: WARNING: Deprecated config file /etc/modprobe.conf, > all config files belong into /etc/modprobe.d/. > /sbin/modprobe xt_state: WARNING: Deprecated config file /etc/modprobe.conf, > all config files belong into /etc/modprobe.d/. > /sbin/modprobe xt_multiport: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe iptable_filter: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe iptable_mangle: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe ipt_REJECT: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe ipt_LOG: WARNING: Deprecated config file /etc/modprobe.conf, > all config files belong into /etc/modprobe.d/. > /sbin/modprobe xt_TCPMSS: WARNING: Deprecated config file /etc/modprobe.conf, > all config files belong into /etc/modprobe.d/. > /sbin/modprobe nf_nat_ftp: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe iptable_nat: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe ipt_MASQUERADE: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > Module check done... > > Checking for (user) plugins in /usr/share/arno-iptables-firewall/plugins... > SIP-VOIP plugin v0.22BETA (EXPERIMENTAL!) > /sbin/modprobe ip_nat: WARNING: Deprecated config file /etc/modprobe.conf, > all config files belong into /etc/modprobe.d/. > Using SIP UDP port(s): 5060 > /sbin/modprobe ip_conntrack_sip ports=5060: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > /sbin/modprobe ip_nat_sip: WARNING: Deprecated config file > /etc/modprobe.conf, all config files belong into /etc/modprobe.d/. > Traffic-Shaper plugin v1.2.03 (htb: well tested, hfsc: experimental) > /sbin/modprobe ip_nat: WARNING: Deprecated config file /etc/modprobe.conf, > all config files belong into /etc/modprobe.d/. > Shaping as 1500/256 kb/s using htb > > Regards Guy > ------------------------------------------------------------------------------ > _______________________________________________ > Astlinux-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/astlinux-users > > Donations to support AstLinux are graciously accepted via PayPal to > [email protected]. ------------------------------------------------------------------------------ _______________________________________________ Astlinux-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/astlinux-users Donations to support AstLinux are graciously accepted via PayPal to [email protected].
