Hese wrote:
> I'm having troubles getting a port forwarded in Ubuntu. I'm running VMWare
> in my fw and the network interface of VMWare acts as local network (it's
> NATted in VMWare). The problem is that the traffic gets forwarded to the
> virtual machine, but when the vm replies, the traffic is not forwarded to
> the net interface. So when I monitor the traffic of the local network
> interface (vmnet6 in my case) I see the incoming packages coming from
> internet and forwarded by the fw and I also see reply packages coming from
> the VM. But if I monitor the net interface (eth0) I only see incoming
> packages and no outgoing packages so those reply packages are not forwarded.
> Otherwise the network in the vm works fine.
>
> my shorewall settings:
>
> interfaces:
> net eth0 detect
> vmloc vmnet6 detect
>
> zones:
> fw firewall
> net ipv4
> vmloc ipv4
>
> policy:
> net all DROP info
> fw net ACCEPT
> vmloc fw ACCEPT
> fw vmloc ACCEPT
> vmloc net ACCEPT
>
> rules:
> DNAT:info net vmloc:<VM ip> tcp 80
>
> Any suggestions?
>
Sounds like you're missing a matching SNAT entry in masq:

eth0 <VM ip> <EXT IP> tcp 80

Jerry

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
