Wilson Kwok wrote:
> Hello,
>
> The Shorewall version is shorewall-3.0.7-1 installed in CentOS 5.1 (kernel
> 2.6.18-53.el5) in March.
>
> Number one problem is:
>
> I edited the policy file to be:
>
> dmz loc ACCEPT info
>
> I could use 3389 remote desktop to loc Windows 2003 server but couldn't use
> SSH (port 22) to loc Linux server. Also, I tried opening those two ports in the
> rules file but still couldn't make the connection from dmz to loc.
>
> Here is the log, the log displayed dmz2loc was ACCEPT:
>
> Apr 26 18:40:33 shorewall kernel: Shorewall:dmz2loc:ACCEPT:IN=eth0 OUT=eth1
> SRC=192.168.0.14 DST=172.16.1.245 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=8559
> DF PROTO=TCP SPT=3799 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0

Use Wireshark (Ethereal) to work out whether you're getting packets in
reply. If the Windows box works, but the Linux box doesn't, most likely
the problem is routing or something like that.

Paul
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
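
Added example, not part of the original thread: one way to run the check suggested in the reply, by taking the flow from the Shorewall log line and looking for the server's SYN-ACK in a text capture. The capture lines are constructed samples in tcpdump -n style, assumed to be taken on eth1 (the OUT interface in the log); the function names and verdict strings are hypothetical.

```python
import re

# Constructed input: the logged SYN quoted above, joined onto one line.
LOG_LINE = (
    "Apr 26 18:40:33 shorewall kernel: Shorewall:dmz2loc:ACCEPT:IN=eth0 OUT=eth1 "
    "SRC=192.168.0.14 DST=172.16.1.245 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=8559 "
    "DF PROTO=TCP SPT=3799 DPT=22 WINDOW=65535 RES=0x00 SYN URGP=0"
)
# Constructed capture lines (assumption: text output of tcpdump -n on eth1).
SYN = "18:40:33.101 IP 192.168.0.14.3799 > 172.16.1.245.22: Flags [S], seq 1, length 0\n"
SYNACK = "18:40:33.102 IP 172.16.1.245.22 > 192.168.0.14.3799: Flags [S.], seq 9, ack 2, length 0\n"
CAPTURE_NO_REPLY = SYN + SYN          # client retransmits, server silent
CAPTURE_REPLY = SYN + SYNACK          # server answers on this interface

PKT = re.compile(r"IP (\S+)\.(\d+) > (\S+)\.(\d+): Flags \[([^\]]*)\]")

def parse_log(line):
    """Return the KEY=VALUE fields (SRC, DST, SPT, DPT, ...) of a netfilter log line."""
    return dict(re.findall(r"\b([A-Z]+)=(\S*)", line))

def diagnose(log_line, capture):
    """Classify what the capture shows for the flow named in the log line."""
    f = parse_log(log_line)
    fwd = (f["SRC"], f["SPT"], f["DST"], f["DPT"])   # client -> server
    rev = (f["DST"], f["DPT"], f["SRC"], f["SPT"])   # server -> client
    syn = synack = rst = 0
    for m in PKT.finditer(capture):
        tup, flags = m.groups()[:4], m.group(5)
        if tup == fwd and flags == "S":
            syn += 1
        elif tup == rev and flags == "S.":
            synack += 1
        elif tup == rev and "R" in flags:
            rst += 1
    if synack:
        return "reply-seen"      # server answered; look further along the return path
    if rst:
        return "refused"         # server reachable but nothing accepted the connection
    if syn:
        return "no-reply"        # SYN left the firewall, nothing came back on this interface
    return "syn-not-seen"        # capture is on the wrong interface or the SYN never got here

if __name__ == "__main__":
    for name, cap in (("no reply", CAPTURE_NO_REPLY), ("reply", CAPTURE_REPLY)):
        print(name, "->", diagnose(LOG_LINE, cap))
```

A "no-reply" verdict on the server-side interface is the case the reply attributes to routing: the SYN was forwarded, so the next things to check are the Linux server's return route to 192.168.0.14 and its own host firewall.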