Casey Bralla wrote: > My setup is classic 3-interface.
What are you trying to accomplish with the loc->dmz DNAT rules? If you are trying to make connections to your external IP address go to the DMZ then you need to put your external IP address in the ORIG DEST column. Possibly you are doing that using a variable but if so, the variable is empty. One possibility -- in Shorewall 2.0.8, there was a function called find_interface_address(). In 3.2.6, that function is named find_first_interface_address(). You may be suffering a 'command not found' error that is getting lost in the noise (or in that most questionable of Debian ideas, the /var/log/shorewall-init.log file). -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
