[Shorewall-users] Cannot get accept rule to work for local network connection

Thu, 31 Jan 2008 21:29:33 -0800 

Hello Shoreline Firewall users, I am running Shorewall with 2 ethernet cards: 
eth0 and eth1. The eth0 is the public and the eth1 is the private lan. All the 
issues I am having is strictly on the eth1 side of the world. I have several 
machine behind the firwall attached to the eth1 side of my network. My private 
side machines' IP addresses are static and in the non-routable 192.168.1.0/24 
class. The eth1 card is obviously the gateway for the local network 
(192.168.1.1). So, all traffick essentially goes through the gateway before it 
leaves eth1 outbound for the 192.168.1.0/24 destinations.

Here is the problem:

I have a Java testing and monitoring software that uses RMI for the network 
communication. This communication protocol uses port 1099 (default). The 
software will allow the control of 1 or more slave machines from a single 
master. The master/slave machines topology is all behind eth1. And, to 
communicate: all of their traffic is routed through the eth1 gateway. The only 
problems is the Shoreline firewall is present and affecting the eth1 traffic 
just as it monitors the eth0 traffic. I cannot seem to come up with a rule to 
allow any and all client machines attached to eth1 to share traffic.

I have replaced the Java software testing with telnet to the target host at 
port 1099:

telnet 192.168.1.2 1099

The telnet connection attempts just like the Java software connection attempts 
returns: Connection refused!

The topology follows:
        

        eth0 (pubic IP)
         |
         | 192.168.1.1
        eth1
       /    \
      /      \
192.168.1.2   192.168.1.14


The host 192.168.1.1 is blocking all of the traffic from either machine 
attached the eth1 gateway @ 192.168.1.1.
All of the network traffic is masqueraded between eth0 and eth1.

Thanks, David.

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft
Defy all challenges. Microsoft(R) Visual Studio 2008.
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to