Re: [Cooker] drakgw, shorewall and the latest kernel

Wed, 26 Feb 2003 05:13:10 -0800 

[EMAIL PROTECTED] (Adam Williamson) writes:

> On Tue, 2003-02-25 at 19:05, Florin wrote:
> > Adam Williamson <[EMAIL PROTECTED]> writes:
> > 
> > > On Tue, 2003-02-25 at 18:10, Florin wrote:
> > > > Hi there,
> > > > 
> > > > it seems that the latest kernel has its masqueranding broken ... the
> > > > shorewall-> drakgw is therefore broken with a invalid command error
> > > > message ...
> > > 
> > > Hey Florin...does this have any bearing on my drakgw problem? Have you
> > > followed it up any further since I sent you my /etc/shorewall stuff
> > > yesterday?
> > 
> > Yes, I have installed a brand new cooker especially for these matters ...
> > 
> > I've just installed a new cooker here and it works on my 4-NICs test
> > machine ... network Internet connection ...
> > 
> > run shorewall restart in a terminal and you should get invalid command
> > after the masqueranding stuff ...
> > 
> > hope it helps ...
> 
> Well could you set your test setup up like mine - one machine with two
> NICs and a network internet connection, and one machine with one NIC
> connected to it - and send me the /etc/shorewall/interfaces file it
> generates, for comparison? It's good to know it works on a fresh Cooker,
> but I want to know what's going wrong on my setup, because it ought to
> work.

[EMAIL PROTECTED] root]# grep -v ^# 
/etc/shorewall/{zones,interfaces,masq,policy,rules} |grep -v ^$ 

/etc/shorewall/zones:net        Net             Internet zone
/etc/shorewall/zones:masq       Masquerade      Masquerade Local
/etc/shorewall/zones:loc        Local           Local

/etc/shorewall/interfaces:net   eth1    detect
/etc/shorewall/interfaces:masq  eth0    detect
/etc/shorewall/interfaces:loc   eth2    detect
/etc/shorewall/interfaces:loc   eth3    detect

/etc/shorewall/masq:eth1        10.0.0.0/255.255.255.0 -> This is my
masqueraded network

/etc/shorewall/policy:masq      net     ACCEPT
/etc/shorewall/policy:loc       net     ACCEPT
/etc/shorewall/policy:fw        net     ACCEPT
/etc/shorewall/policy:net       all     DROP    info
/etc/shorewall/policy:all       all     REJECT  info

/etc/shorewall/rules:ACCEPT     net     fw      tcp     22,6566 -
/etc/shorewall/rules:ACCEPT     masq    fw      tcp     22,6566 -
/etc/shorewall/rules:ACCEPT     loc     fw      tcp     22,6566 -
/etc/shorewall/rules:ACCEPT     masq    fw      tcp     
domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp   -
/etc/shorewall/rules:ACCEPT     masq    fw      udp     
domain,bootps,http,https,631,imap,pop3,smtp,nntp,ntp   -
/etc/shorewall/rules:ACCEPT     fw      masq    tcp     631,515,137,138,139     -
/etc/shorewall/rules:ACCEPT     fw      masq    udp     631,515,137,138,139     -

hope this helps,
-- 
Florin                  http://www.mandrakesoft.com
                        http://people.mandrakesoft.com/~florin/

Reply via email to