I have a firewall with 3 interfaces under CentOS 5.5, using Shorewall 4.4. There are multiple IP addresses on the external interfaces (2 of them - 1 to each of 2 different providers) and I have one-to-one NAT set up on some of them for internal private IP systems. Initially this was all working great, and it all still works fine except for some of these NAT setups. After a couple of weeks (*no* change in the shorewall config), one of the forwards stopped and connections were being rejected. Yesterday, another one did it. And then this morning, I noticed that one of the forwards was going to the incorrect server on the private network!

Attached is a copy of the output from 'shorewall dump'. I did a connection test from 208.69.72.26 to 38.116.137.22 on port 25, and the connection, which should be (and has been) forwarded to 192.168.0.212, failed - rejected. I did another test from the same IP to another NAT setup address, 38.116.133.253, on port 25, and instead of a response from the configured NAT server at 192.168.0.213, I got the server at 192.168.0.212.

As I noted, this was all working fine and then, one by one, they seem to stop working and I end up with the REJECT instead. I am not sure where to go from here, since the config seems to be OK in my review of it and the shorewall docs - and it has been working fine. Any suggestions as to what to take a look at next or how to resolve this issue?

Thanks!
Chris
shorewall-dump.txt.gz
Description: GNU Zip compressed data
