It was actually the enabling of the routeback option on eth1 that fixed it.
The Rule didn't do anything :) -----Original Message----- From: Simon Matter [mailto:[email protected]] Sent: Saturday, 1 August 2009 7:52 PM To: Shorewall Users Subject: Re: [Shorewall-users] DNAT / Live IP Translation > While watching dmesg connections, I see the following REJECT message > > Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=192.168.0.x DST=203.xx.xx.xx > LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=19417 DF PROTO=TCP SPT=63918 DPT=80 > WINDOW=8192 RES=0x00 SYN URGP=0 > > As I put google to work, I see this commonly referred to as Shorewall FAQ > #2a. > > Following the guidelines here, I have been able to implement a rule via > masquerading the internal network. To me it looks like a hack. I think what Tom told you using the 'routeback' interface option was a better solution if you have both the 192.168.0.x and the proxyarped address on the same interface. However a much cleaner way would be to add another interface to the box and put the proxyarped host there. Simon ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users ------------------------------------------------------------------------------ Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day trial. Simplify your report design, integration and deployment - and focus on what you do best, core application coding. Discover what's new with Crystal Reports now. http://p.sf.net/sfu/bobj-july _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
