Re: [Cooker] drakgw, shorewall and the latest kernel

Wed, 26 Feb 2003 06:10:33 -0800 

drakgw assumes that you have configured your network with drakconnect and
parses the /etc/sysconfig/network-scripts/net_cnx_up files in order to
detect the net interface ... maybe this is not your case ...

Also, during the drakconnect setup, make sure you have chosen the right
gateway interface ... In my case, the "right" gateway interface is eth1,
but drakconnect has eth0 as default ... one might leave it as it is ...
and this not what one wants ...

>Adam Williamson <[EMAIL PROTECTED]> writes:

> On Wed, 2003-02-26 at 13:02, Florin wrote:
> 
> > > Well could you set your test setup up like mine - one machine with two
> > > NICs and a network internet connection, and one machine with one NIC
> > > connected to it - and send me the /etc/shorewall/interfaces file it
> > > generates, for comparison? It's good to know it works on a fresh Cooker,
> > > but I want to know what's going wrong on my setup, because it ought to
> > > work.
> > 
> > [EMAIL PROTECTED] root]# grep -v ^# 
> > /etc/shorewall/{zones,interfaces,masq,policy,rules} |grep -v ^$ 
> > 
> > /etc/shorewall/zones:net        Net             Internet zone
> > /etc/shorewall/zones:masq       Masquerade      Masquerade Local
> > /etc/shorewall/zones:loc        Local           Local
> > 
> > /etc/shorewall/interfaces:net   eth1    detect
> > /etc/shorewall/interfaces:masq  eth0    detect
> > /etc/shorewall/interfaces:loc   eth2    detect
> > /etc/shorewall/interfaces:loc   eth3    detect
> > 
> > /etc/shorewall/masq:eth1        10.0.0.0/255.255.255.0 -> This is my
> > masqueraded network
> > 
> > /etc/shorewall/policy:masq      net     ACCEPT
> > /etc/shorewall/policy:loc       net     ACCEPT
> > /etc/shorewall/policy:fw        net     ACCEPT
> > /etc/shorewall/policy:net       all     DROP    info
> > /etc/shorewall/policy:all       all     REJECT  info
> > 
> > /etc/shorewall/rules:ACCEPT     net     fw      tcp     22,6566 -
> > /etc/shorewall/rules:ACCEPT     masq    fw      tcp     22,6566 -
> > /etc/shorewall/rules:ACCEPT     loc     fw      tcp     22,6566 -
> > /etc/shorewall/rules:ACCEPT     masq    fw      tcp     
> > domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp   -
> > /etc/shorewall/rules:ACCEPT     masq    fw      udp     
> > domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp   -
> > /etc/shorewall/rules:ACCEPT     fw      masq    tcp     631,515,137,138,139     -
> > /etc/shorewall/rules:ACCEPT     fw      masq    udp     631,515,137,138,139     -
> > 
> > hope this helps,
> 
> Thanks Florin. I think I'll run drakgw and then try taking out each of
> the duplicate eth1 lines in turn and see if doing that fixes it. I'd
> still love to know why they're being generated, though.

-- 
Florin                  http://www.mandrakesoft.com
                        http://people.mandrakesoft.com/~florin/

Reply via email to