El lun, 08-05-2006 a las 14:26 -0500, German Jimenez Leal escribió: >[EMAIL PROTECTED] shorewall]# shorewall check >Loading /usr/share/shorewall/functions... >Processing /etc/shorewall/params ... >Processing /etc/shorewall/shorewall.conf... >Loading Modules... >Shorewall has detected the following iptables/netfilter capabilities: > NAT: Available > Packet Mangling: Available > Multi-port Match: Available > Extended Multi-port Match: Not available > Connection Tracking Match: Available > Packet Type Match: Available > Policy Match: Not available > Physdev Match: Available > IP range Match: Available > Recent Match: Available > Owner Match: Available > Ipset Match: Not available > CONNMARK Target: Not available > Connmark Match: Not available > Raw Table: Available > CLASSIFY Target: Available >Verifying Configuration... >Determining Zones... > IPv4_Zones: net loc > Firewall Zone: fw >Setting up IPSEC... >Validating interfaces file... >Validating hosts file... >Determining Hosts in Zones... > net Zone: vdpf0:eth0 > loc Zone: vdpf0:eth1 >Validating policy file... > Policy for loc to net is ACCEPT using chain loc2net > Policy for net to loc is DROP using chain net2all > Policy for net to fw is DROP using chain net2all > Policy for loc to fw is REJECT using chain all2all > Policy for fw to net is REJECT using chain all2all > Policy for fw to loc is REJECT using chain all2all >Checking Black List... >Validating Proxy ARP >Validating NAT... >Pre-validating Actions... > Pre-processing /usr/share/shorewall/action.Drop... > ..Expanding Macro /usr/share/shorewall/macro.Auth... > ..End Macro > ..Expanding Macro /usr/share/shorewall/macro.AllowICMPs... > ..End Macro > ..Expanding Macro /usr/share/shorewall/macro.SMB... > ..End Macro > ..Expanding Macro /usr/share/shorewall/macro.DropUPnP... > ..End Macro > ..Expanding Macro /usr/share/shorewall/macro.DropDNSrep... > ..End Macro > Pre-processing /usr/share/shorewall/action.Reject... > Pre-processing /usr/share/shorewall/action.Limit... >Validating rules file... > Rule "ACCEPT net fw TCP 20,21,22,25,80,110,143,443,995,465 " >checked. > Rule "ACCEPT loc net TCP 20,21,22,25,80,110,143,443,995,465 " >checked. > Rule "ACCEPT loc net UDP 20,21,22,25,80,110,143,443,995,465 " >checked. >Validating Actions... > Generating Transitive Closure of Used-action List... >Processing /usr/share/shorewall/action.Drop for Chain Drop... >..Expanding Macro /usr/share/shorewall/macro.Auth... > Rule "REJECT - - tcp 113 - -" checked. >..End Macro > Rule "dropBcast " checked. >..Expanding Macro /usr/share/shorewall/macro.AllowICMPs... > Rule "ACCEPT - - icmp fragmentation-needed - -" checked. > Rule "ACCEPT - - icmp time-exceeded - -" checked. >..End Macro > Rule "dropInvalid " checked. >..Expanding Macro /usr/share/shorewall/macro.SMB... > Rule "DROP - - udp 135,445 - -" checked. > Rule "DROP - - udp 137:139 - -" checked. > Rule "DROP - - udp 1024: 137 -" checked. > Rule "DROP - - tcp 135,139,445 - -" checked. >..End Macro >..Expanding Macro /usr/share/shorewall/macro.DropUPnP... > Rule "DROP - - udp 1900 - -" checked. >..End Macro > Rule "dropNotSyn - - tcp " checked. >..Expanding Macro /usr/share/shorewall/macro.DropDNSrep... > Rule "DROP - - udp - 53 -" checked. >..End Macro >Processing /usr/share/shorewall/action.Reject for Chain Reject... >..Expanding Macro /usr/share/shorewall/macro.Auth... > Rule "REJECT - - tcp 113 - -" checked. >..End Macro > Rule "dropBcast " checked. >..Expanding Macro /usr/share/shorewall/macro.AllowICMPs... > Rule "ACCEPT - - icmp fragmentation-needed - -" checked. > Rule "ACCEPT - - icmp time-exceeded - -" checked. >..End Macro > Rule "dropInvalid " checked. >..Expanding Macro /usr/share/shorewall/macro.SMB... > Rule "REJECT - - udp 135,445 - -" checked. > Rule "REJECT - - udp 137:139 - -" checked. > Rule "REJECT - - udp 1024: 137 -" checked. > Rule "REJECT - - tcp 135,139,445 - -" checked. >..End Macro >..Expanding Macro /usr/share/shorewall/macro.DropUPnP... > Rule "DROP - - udp 1900 - -" checked. >..End Macro > Rule "dropNotSyn - - tcp " checked. >..Expanding Macro /usr/share/shorewall/macro.DropDNSrep... > Rule "DROP - - udp - 53 -" checked. >..End Macro >Masqueraded Networks and Hosts: > ERROR: Unknown interface eth0 >[EMAIL PROTECTED] shorewall]# parece que el error esta que como masquerade pusiste eth0 y la unica interfaz que tienes es vdpf0, podrÃas probar vdpf0:eth0 o algo del tipo vdpf0:0.0.0.0/0
