java guru wrote: > Hi - > I am trying out two interface example. I defined loc > (for eth0) and ppp0 (outgoing dialup modem) and rest > of the setup per the document. > > But my ssh connection to fw box gets dropped as soon > as I start shorewall. Below is what I see from the > log. See how the SRC is not loc network (192.168.1.*), > thats 'coz I am reaching fw box eth0 via a cable > modem. > > I am new to shorewall, so tell me if there is a > separate forum where i can get appropriate help. > > ------------- > kernel: [63010.560985] Shorewall:INPUT:REJECT:IN=eth0 > OUT= MAC=xx.xx.xx.xx.xx SRC=70.170.80.123 > DST=192.168.1.104 LEN=48 TOS=0x00 PREC=0x00 TTL=106 > ID=63933 DF PROTO=TCP SPT=3556 DPT=22 WINDOW=16384 > RES=0x00 SYN URGP=0 > -------------------------
Please check the instructions at http://www.shorewall.net/two-interface.htm again. You have set up Shorewall incorrectly because eth0 is not associated with any zone. If you want SSH access to your Shorewall system from the net, you need to add a rule. This is also explained in the document. The rule you need is similar to the one in the Guide except that you need to replace 'loc' with 'net' to allow SSH access to the 'net' zone. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
