Please post your diagram again -- this time, use a text editor to draw it and attach it as a text attachment. We couldn't make any sense out of your last diagram because it was turned into nonsense by your mailer.
mess-mate wrote:
Hi, attached the statux.txt. a) it is b)the machine is located in the dmz zone and is running very well without any entry in /etc/shorewall/masq, for now
You have chosen the name 'dmz' for the _only_ zone that this system interfaces to. But from the point of view of Netfilter (and Shorewall), this is just a standalone system with two IP addresses on its network interface. The fact that one of those addresses belongs to a Vserver guest is immaterial in so far as Shorewall is concerned.
c) no nat rules. The DNAT rule is given in the router machine and redirect to my website actually on the host .
So in other words, you have TWO systems running Shorewall?
DNAT $FW dmz:192.168.20.1 tcp 80 - $ETH0_IP
And i want my website in the vservers guest, so dmz:192.168.20.1 shall
become dmz:192.168.30.1 in the future when my problem is solved.
So, if you "shorewall clear" on the Vserver host, does everything start working perfectly?
Hope i clarify a little bit more :(
Not really.If you have two Shorewall configurations, please collect a dump from both and describe exactly what doesn't work.
-Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by the 2008 JavaOne(SM) Conference Don't miss this year's exciting event. There's still time to save $100. Use priority code J8TL2D2. http://ad.doubleclick.net/clk;198757673;13503038;p?http://java.sun.com/javaone
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
