Tibbs, Richard wrote: > Dear List: > I have the following configuration > SLAX internal <--------------> Bering 1.2 <-----------> SLAX external > 192.168.10.1 192.168.10.254 192.168.1.254 192.168.1.1 dns > 192.168.10.2 > 192.168.1.2 www >
Does the network actually look like how your mailer has folded your ASCII art or is 192.168.1.2 on the external side where one would suppose it would be? SLAX internal <----------> Bering 1.2 <-------> SLAX external 192.168.10.1 2.168.10.254 192.168.1.254 192.168.1.1 dns 192.168.10.2 192.168.1.2 www > > each SLAX machine is configured to bring up bind for dns at IP addresses > > 192.168.10.1 (internal) and 192.168.1.1 (external) resp. > In addition there is a web server running on 192.168.10.2 (internal) and > 192.168.1.2 (external). > > The symptom is that external can only load it's own web page > (extexample.com) whereas internal can load both intexample.com and > extexample.com. > Until I add a default route on eth0 (external interface) > gateway 192.168.1.1 > external cannot load internal's web page. > Why would this be necessary? > > Each SLAX machine is given a default route to the Bering IP on the > respective side of the fw. > Shorewall log shows no drops, but > Shorewall policy is > loc net ACCEPT > net loc ACCEPT > fw net ACCEPT > fw loc ACCPT > net all DROP ULOG > all all REJECT ULOG. There isn't enough information here for us to solve the problem. See http://shorewall.net/support.htm#Guidelines. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click ------------------------------------------------------------------------ leaf-user mailing list: [email protected] https://lists.sourceforge.net/lists/listinfo/leaf-user SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
