Hi Andrea, not totally sure on this, but it should work:

On 5/23/07, Andrea Fastame <[EMAIL PROTECTED]> wrote:
<...cut...>
> Still, the tunnel works fine (I can ping a remote host 10.11.100.24
> successfully). I manually had to set up a route to route all packets to
> the 10.100.11.24 through the 13.0.0.2 interface (alias).
> I read that (eventually) I should put some entry in the
> /etc/shorewall/masq file. Still, I have not grasped what I should really
> enter in that conf file. Any hint (if positive)?
>
> Now, this is my problem: I would like to FORWARD all incoming conns to
> TCP 3030 to the remote 10.100.11.24, hence, through the IPSEC tunnel.
> I have read the whole Shorewall FAQ and MASQ, but no luck.
<...cut...>
> /etc/shorewall/interfaces
>
> #ZONE INTERFACE BROADCAST OPTIONS
> fw firewall
> net eth0 detect
> #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE

I think you might want to specify the 'routeback' option here, because
the traffic is leaving the same interface that it arrived on.

~David

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users