Tom, I tried to follow the instructions you gave me for one-interface (See Below) on my laptop which uses a wan0 connection.
It did not work. Please help me (Seer Attached File)? Horace -----ORIGINAL MESSAGE ----- From: Tom Eastep <[email protected]> To: [email protected] Cc: [email protected] Subject: Re: [Shorewall-users] Cannot connect to the internet Date: 03/30/2011 06:26:12 PM Please do me a favor. a) Uninstall Shorewall (however your distribution allows you to do that) b) rm -rf /etc/shorewall What I did. $ sudo rm -rf /etc/shorewall [sudo] password for *****N_****: $ NOTE -- NO more /ETC/SHOREWALL directory c) rm -rf /etc/default/shorewall What I did. $ sudo rm -rf /etc/default/shorewall $ NOTE -- No more /ETC/SHOREWALL/SHOREWALL d) Install the shorewall package What I did. Clicked MENU --> Clicked PACKAGE MANAGER --> Typed SHOREWALL in the QUICK SEARCH window --> Right Clicked SHOREWALL --> clicked MARK FOR INSTALATTION --> Clicked APPLY NOTES -- 1. OS Linux Mint 9 Isadora' 2. Shorewall version: $ shorewall version 4.4.6 $ -- DO NOTHING ELSE other than what I tell you below. e) cd /etc/shorewall What I did. $ cd /etc/shorewall $ f) if you are running Debian or Ubuntu and installed the .deb: cp /usr/share/doc/shorewall/examples/one-interface/* . What I did. $ cp /usr/share/doc/shorewall/examples/one-interface/* cp: target `/usr/share/doc/shorewall/examples/one-interface/shorewall.conf~' is not a directory $ $ sudo cp /usr/share/doc/shorewall/examples/one-interface/* [sudo] password for ******_****: cp: target `/usr/share/doc/shorewall/examples/one-interface/zones' is not a directory NOTE -- I could not get the above command to work so this is what I did. $ cd /usr/share/doc/shorewall/examples/one-interface $ $ sudo cp * etc/shorewall $ $ ls . .. interfaces policy README.txt rules shorewall.conf zones $ otherwise cp /usr/share/shorewall/Samples/one-interface/* . g) Edit /etc/shorewall/shorewall.conf and be sure that STARTUP_ENABLED=Yes; if not change it. What I did. I open FILE BROWSER navigated to /ETC/SHOREWALL/SHOREWALL.CONF Right Clicked the file SHOREWALL.CONF --> Clicked OPEN AS ADMINISTRATOR and changed STARTUP ENABLED=No to STARTUP ENABLED=Yes SAVED the FILE h) If you are running Debian or Ubuntu, edit /etc/default/shorewall and set startup=1. What I did. I open FILE BROWSER navigated to /ETC/DEFAULT/SHOREWALL Right Clicked the file SHOREWALL --> Clicked OPEN AS ADMINISTRATOR and changed STARTUP=0 to STARTUP=1 SAVED the FILE i) At a root console, type 'shorewall start'. What I did. $ sudo shorewall start Compiling... Compiling /etc/shorewall/zones... Compiling /etc/shorewall/interfaces... Determining Hosts in Zones... Preprocessing Action Files... Compiling ... Pre-processing /usr/share/shorewall/action.Drop... Pre-processing /usr/share/shorewall/action.Reject... Compiling /etc/shorewall/policy... Adding Anti-smurf Rules Adding rules for DHCP Compiling TCP Flags filtering... Compiling Kernel Route Filtering... Compiling Martian Logging... Compiling MAC Filtration -- Phase 1... Compiling /etc/shorewall/rules... Generating Transitive Closure of Used-action List... Processing /usr/share/shorewall/action.Reject for chain Reject... Compiling ... Processing /usr/share/shorewall/action.Drop for chain Drop... Compiling MAC Filtration -- Phase 2... Applying Policies... Generating Rule Matrix... Creating iptables-restore input... Compiling iptables-restore input for chain mangle:... Shorewall configuration compiled to /var/lib/shorewall/.start Starting Shorewall.... Initializing... Setting up Route Filtering... Setting up Martian Logging... Setting up Traffic Control... Preparing iptables-restore input... Running /sbin/iptables-restore... IPv4 Forwarding Disabled! done. $ This configuration will allow you unfettered access from your computer to the internet. Now a) cd /etc What I did. $ cd /etc $ b) cp -a shorewall shorewall.good What I did. $ sudo cp -a shorewall shorewall.good [sudo] password for ******_****`: $ NOTE: ect/shorewall.good directory/folder is present c) Now make changes to /etc/shorewall to try to allow the incoming traffic that you want. If you suddenly find that is has all gone to hell, then d) cd /etc f) rm -rf /etc/shorewall g) cp -a /etc/shorewall.save /etc/shorewall h) shorewall restart -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ Signature exists, but need public key
H - wan0 - No Internet Connection.gz
Description: GNU Zip compressed data
------------------------------------------------------------------------------ Fulfilling the Lean Software Promise Lean software platforms are now widely adopted and the benefits have been demonstrated beyond question. Learn why your peers are replacing JEE containers with lightweight application servers - and what you can gain from the move. http://p.sf.net/sfu/vmware-sfemails
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
