Mark Allison wrote: > Hi there, > > I have moving from a two-interface set-up to a three-interface set-up > where the third interface will be a DMZ. My shorewall is version > 4.0.15 on Debian Lenny and has the following interfaces: > > eth0 loc 10.0.0.3 > eth1 net dhcp > eth2 dmz 10.0.10.3 > > I'm trying to ping from a machine on the local network 10.0.0.6 to > 10.0.10.1 and I get destination unreachable. > I'm trying to ping from a machine on the DMZ network 10.0.10.1 to > 10.0.10.3 and I get destination unreachable. > > Could someone please help me find out what's wrong with my setup? I've > attached a shorewall dump. Is there anything else you need to help me > troubleshoot?
Before we start looking at the Shorewall configuration, does this local traffic all pass perfectly if you temporarily 'shorewall clear'? (be sure to 'shorewall start' after testing). From a quick look at the dump, I suspect that your problem has nothing to do with Shorewall. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Come build with us! The BlackBerry® Developer Conference in SF, CA is the only developer event you need to attend this year. Jumpstart your developing skills, take BlackBerry mobile applications to market and stay ahead of the curve. Join us from November 9-12, 2009. Register now! http://p.sf.net/sfu/devconf
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
