Mitch Sheean wrote: > I did a shorewall clear and it still does not behave properly. > > I did try to set up a box on non-routeable ip space and was able to DNAT > to it. I had done this before on a test network and thought it may be a > problem with the production network. But the production network seems > just fine. Packets will route inside to non-routeable addresses. >
Well, if a non-NAT router doesn't work to begin with, configuring a firewall on it isn't going to make it start working. Your routing is clearly broken -- probably the receiving host is attempting to route its responses through the wrong path. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Return on Information: Google Enterprise Search pays you back Get the facts. http://p.sf.net/sfu/google-dev2dev
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
