Caveat:  This is just a guess. Really. :)

On Mon, 2008-11-17 at 14:56 -0500, Simon Gomizelj wrote:
> Now, when I wireless connect to my desktop router, I have complete access to
> the local network. I can ping the box and ssh into it. The box gets internet
> and can torrent (I made the suggested modifications from the guide).
> 
> However when I try to ping anything, say google.com, I get rejected and lines
> like this in my log:
> 
> > Shorewall:loc2fw:REJECT:IN=ath0 OUT= MAC=..... SRC=10.0.0.2 DST=10.0.0.1 
> > ....

You snipped some important parts, but my guess is that this is a DNS
query, port 53 (assuming DHCP and announcing a local DNS on the FW).

> So something is misconfigured because it's looking in $FW for google. When I
> change the policy line from:
> 
> > loc $FW REJECT info
> to 
> > loc $FW ACCEPT
> 
> Suddenly the machine can get google's ip, but it still can't ping it.
                       ^^^^^^^^^^^^^^^^^^^
Supports the above guess about DNS. You didn't show your rules, so I
further guess that you don't ACCEPT DNS traffic from the loc zone.

Moreover I guess that the reason why you can't access *any* service on
the Internet from a machine in your loc zone is that you didn't
configure /etc/shorewall/masq at all (or got INTERFACE and SOURCE
reverted).

That much for my crystal ball today. :)

-- 
[ESR] Eric S. Raymond: "How To Ask Questions The Smart Way"
      http://www.catb.org/~esr/faqs/smart-questions.html
[SGT] Simon G. Tatham: "How to Report Bugs Effectively"
      http://www.chiark.greenend.org.uk/~sgtatham/bugs.html
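
Added example, not part of the original message: a small Python parser that pulls the chain, disposition and KEY=value fields out of a Shorewall log line, so the PROTO and DPT fields snipped from the post can be checked against the DNS guess. The full sample line is constructed (MAC, PROTO, SPT and DPT are made up); only the prefix, IN, SRC and DST come from the post.

```python
import re

# Constructed sample: the post elided everything after DST=, so the MAC,
# LEN/TTL, PROTO, SPT and DPT values below are made up for illustration.
SAMPLE_FULL = (
    "Nov 17 14:50:01 fw kernel: Shorewall:loc2fw:REJECT:IN=ath0 OUT= "
    "MAC=00:11:22:33:44:55:66:77:88:99:aa:bb:08:00 SRC=10.0.0.2 DST=10.0.0.1 "
    "LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=UDP SPT=40000 DPT=53 LEN=40"
)
# The line as it was posted, with the tail cut off.
SAMPLE_SNIPPED = "Shorewall:loc2fw:REJECT:IN=ath0 OUT= MAC=..... SRC=10.0.0.2 DST=10.0.0.1"

PREFIX_RE = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disposition>[A-Z]+):")
FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")


def parse_shorewall_line(line):
    """Split a Shorewall log line into chain, disposition and KEY=value fields."""
    m = PREFIX_RE.search(line)
    if m is None:
        return None  # not a Shorewall log entry
    rec = {"chain": m.group("chain"), "disposition": m.group("disposition")}
    for key, value in FIELD_RE.findall(line[m.end():]):
        rec.setdefault(key, value)  # first LEN is the IP length; ignore the UDP one
    return rec


def triage(rec):
    """Say which service a logged packet was aimed at, if the line shows it."""
    src_zone, _, dst_zone = rec["chain"].partition("2")  # "loc2fw" -> loc, fw
    proto, dpt = rec.get("PROTO"), rec.get("DPT")
    verdict = rec["disposition"]
    if proto is None:
        return "line is cut off before PROTO=, so the service cannot be identified"
    if dst_zone == "fw" and dpt == "53" and proto in ("UDP", "TCP"):
        return f"DNS query from zone {src_zone} to the firewall: {verdict}"
    target = proto if dpt is None else f"{proto} port {dpt}"
    return f"{target} from zone {src_zone} to zone {dst_zone}: {verdict}"


if __name__ == "__main__":
    for sample in (SAMPLE_FULL, SAMPLE_SNIPPED):
        print(triage(parse_shorewall_line(sample)))
```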

