dan wrote: > ok, my setup is slightly different. per this statement here: > "The above assumes that the IP address of the ALPHA is 10.223.8.10 > <http://10.223.8.10/> and > that it is connected through eth0. It also assumes that the ALPHA's > default gateway is configured with the IP address of eth0." > > the alpha is definitely on the loc interface with the ip 10.223.8.10 > <http://10.223.8.10> BUT it does *not* have a default gateway of this > machine. it has a default gateway to another router connected to a > private wan.
So you have just been ignoring this part of the response to Shorewall FAQ:
You have a more basic problem with your local system (the one that you
are
trying to forward to) such as an incorrect default gateway (it should be set
to the IP address of your firewall's internal interface).
I'm afraid I've spent all of the time that I can afford on this issue this
morning; time to get to my real job.
But IT DOES MATTER that the response packets are going out through another
router and it won't work unless you add an SNAT hack on the Shorewall box.
Although, it looks like you have another problem too but I won't know what
that is until you follow my instructions for gathering documentation that I
send previously.
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ [EMAIL PROTECTED]
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
