Hi everyone! I'm having timeout problems when using a DNAT rule.

Rule:
DNAT:info cmtc loc:192.168.0.158 tcp 8011

Log:
Mar 17 17:50:17 gw kernel: [1583997.524924] Shorewall:cmtc_dnat:DNAT:IN=eth3 OUT= SRC=10.1.0.2 DST=10.0.0.2 LEN=60 TOS=0x10 PREC=0x00 TTL=62 ID=4279 DF PROTO=TCP SPT=32791 DPT=8011 WINDOW=5840 RES=0x00 SYN URGP=0

Telnet:
r...@emudar:~# telnet 10.0.0.2 8011
Trying 10.0.0.2...
telnet: connect to address 10.0.0.2: Connection timed out

Inside my local network, the service running on 192.168.0.158 works fine. However, I can't connect from any other zone I have (DMZ, NET and CMTC). Using Wireshark on this local server, I figured out that any connection arriving from anywhere but LOC doesn't ACK.

I tried the interface routeback option, and looking into the Shorewall FAQ I found a masq issue that could fix the problem. I added the following line inside the masq file:

eth3:10.1.0.2 0.0.0.0/0 10.0.0.2 tcp 8011

Even using these solutions, I couldn't make this work. Can you help me?

João K.

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
