> Have you followed the DNAT troubleshooting instructions in Shorewall FAQs 1a and 1b? > If you had, you would know that no connection requests on TCP port 21 have entered your firewall through eth1. > > So I suggest that your review those two FAQs. > > -Tom
And a good suggestion it was,.. I had read the FAQ's you mentioned and that no counter on the DNAT was confusing me, as I was seeing a connection in Tcpdump. I went back and reviewed the FAQ again (step by step) that and the few hours away from it and of course the problem jumped right out at me. I had the interfaces reversed in /shorewall/interfaces - confuses me a bit as the masq worked but they were reversed (bonks self) Thanks for the pointer. Terre ------------------------------------------------------------------------------ All of the data generated in your IT infrastructure is seriously valuable. Why? It contains a definitive record of application performance, security threats, fraudulent activity, and more. Splunk takes this data and makes sense of it. IT sense. And common sense. http://p.sf.net/sfu/splunk-d2d-c2 _______________________________________________ Shorewall-devel mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-devel
