Hi all: We have a 4 interface firewall, 3 interfaces with public IP`s and 1 conected to our LAN, with a private IP. In the public IP we have diferent services (ftp, web, ..). In the LAN we have the real servers.
Traffic to 62.15.227.88 redirected to 192.168.13.1 Traffic to 62.15.227.20 redirected to 192.168.13.4 Traffic to 62.15.227.19 redirected to 192.168.13.5 Some times, one of the public IP don't receive any traffic (no loggin reports also) and our ISP confirms that all packacges are redirected to our firewall. This problem is only sometimes, once a month por examp. Is There something wrong in the shorewall configuration?? /etc/shorewall/interfaces #ZONE INTERFACE BROADCAST OPTIONS net1 eth1 detect tcpflags,nosmurfs ---> public IP net2 eth2 detect tcpflags,nosmurfs ---> public IP net3 eth3 detect tcpflags,nosmurfs ---> public IP loc eth0 detect tcpflags,nosmurfs ---> local IP /etc/shorewall/rules # RULES FTPSRV & WEB1 DNAT net1 loc:192.168.13.1 tcp 21 - 62.15.227.88 DNAT net1 loc:192.168.13.1 tcp 80,443 - 62.15.227.88 # REGLAS ACCESO WEB2 Y WEB3 DNAT net3 loc:192.168.13.4 tcp 80,443 - 62.15.227.20 DNAT net2 loc:192.168.13.5 tcp 80,443 - 62.15.227.19 /etc/masq #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK eth1 eth0 eth2 eth0 eth3 eth0 Thanks in advance ------------------------------------------------------------------------------ Stay on top of everything new and different, both inside and around Java (TM) technology - register by April 22, and save $200 on the JavaOne (SM) conference, June 2-5, 2009, San Francisco. 300 plus technical and hands-on sessions. Register today. Use priority code J9JMT32. http://p.sf.net/sfu/p _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
