Tom Eastep <[EMAIL PROTECTED]> wrote:
| Tom Eastep wrote:
| > Tom Eastep wrote:
| >
| >> I suspect that what you need to do is simply change the default gateway to
| >> point to the IP address of the internal interface of the Shorewall router.
| >>
| >
| > Groan -- that should have been "... to *point* to the IP ...".
|
| Hmmm -- I guess I need to get my eyes tested; the original said what I wanted
| in the first place...
|
Ok, changing the modem didn't change anything :( So replaced with
the original (st510).
But..... had to reboot and when shorewall stopped and started the message '
find_first_interface_address not found line 27 ' is still there !
'Network is unreacheble' if changing the default gateway for the lan or dmz
machines.
I followed the 'three-interfaces' doc; see here on the shorewall
router :
ip route ls
193.253.160.3 dev ppp0 proto kernel scope link src 86.207.39.186
192.168.20.0/24 dev eth2 proto kernel scope link src 192.168.20.254
192.168.1.0/24 dev eth0 proto kernel scope link src 192.168.1.1
192.168.10.0/24 dev eth1 proto kernel scope link src 192.168.10.254
default dev ppp0 scope link
ip addr ls
1: lo: <LOOPBACK,UP,10000> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth2: <BROADCAST,MULTICAST,UP,10000> mtu 1500
qdisc pfifo_fast qlen 1000
link/ether 00:04:76:12:3e:75 brd ff:ff:ff:ff:ff:ff
inet 192.168.20.254/24 brd 192.168.20.255 scope global eth2
inet6 fe80::204:76ff:fe12:3e75/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,10000> mtu 1500
qdisc pfifo_fast qlen 1000
link/ether 00:e0:29:3c:34:bd brd ff:ff:ff:ff:ff:ff
inet 192.168.10.254/24 brd 192.168.10.255 scope global eth1
inet6 fe80::2e0:29ff:fe3c:34bd/64 scope link
valid_lft forever preferred_lft forever
4: eth0: <BROADCAST,MULTICAST,UP,10000> mtu 1500
qdisc pfifo_fast qlen 1000
link/ether 00:80:c8:ec:92:b5 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.1/24 brd 192.168.1.255 scope global eth0
inet6 fe80::280:c8ff:feec:92b5/64 scope link
valid_lft forever preferred_lft forever
6: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP,10000>
mtu 1492 qdisc pfifo_fast qlen 3
link/ppp
inet 86.207.39.186 peer 193.253.160.3/32 scope global ppp0
and part of a 'tcpdump' :
15:43:25.419267 arp who-has router.laplaceverte.fr tell
st510.laplaceverte.fr
( st510 is the modem )
15:43:25.419340 arp reply router.laplaceverte.fr is-at
00:80:c8:ec:92:b5 (oui Unknown)
( the unknown came from the modem where i didn't set a name for it)
Please keep in mind that shorewall runs fine otherwise. The only
thing i can't do is accessing the dmz from the lan via the net, and
that 'find_first_interface_address not found line 27'.
As i said that message is only there on a start or stop of
shorewall, not when shorewall is running and restarting it.
If this can help
best regards
mess-mate
--
You will outgrow your usefulness.
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
