On May 2, 2011, at 10:47 PM, Frank Richards wrote: > Hi > > Have tried all I can think of but still unable to get to get it to > work, > IP_FORWARDING=ON > > ADD_IP_ALIASES=Yes > > my version 2 system is ok and have used the same settings as there, and > the start dialogue says the >> IPv4 Forwarding Enabled > > > Am i missing something? > > Regards Frank > >> root@server:~# shorewall restart >> Compiling... >> Processing /etc/shorewall/shorewall.conf... >> Loading Modules... >> Compiling /etc/shorewall/zones... >> Compiling /etc/shorewall/interfaces... >> Determining Hosts in Zones... >> Preprocessing Action Files... >> Compiling ... >> Pre-processing /usr/share/shorewall/action.Drop... >> Pre-processing /usr/share/shorewall/action.Reject... >> Compiling /etc/shorewall/policy... >> Adding rules for DHCP >> Compiling Kernel Route Filtering... >> Compiling Martian Logging... >> Compiling /etc/shorewall/masq... >> WARNING: Using an interface as the masq SOURCE requires the >> interface to be up and configured when Shorewall starts/restarts : >> /etc/shorewall/masq (line 1) >> Compiling MAC Filtration -- Phase 1... >> Compiling /etc/shorewall/rules... >> Generating Transitive Closure of Used-action List... >> Processing /usr/share/shorewall/action.Reject for chain Reject... >> Compiling ... >> Processing /usr/share/shorewall/action.Drop for chain Drop... >> Compiling MAC Filtration -- Phase 2... >> Applying Policies... >> Generating Rule Matrix... >> Creating iptables-restore input... >> Compiling iptables-restore input for chain mangle:... >> Shorewall configuration compiled to /var/lib/shorewall/.restart >> Restarting Shorewall.... >> WARNING: default route ignored on interface eth1
The above message indicates that there is a default route defined out of eth1 and that you have entered 'eth1' in the SOURCE column of /etc/shorewall/interfaces (we can see that from the WARNING: above). If eth1 is really your internal (local) interface, then it should not have a default route defined. Otherwise, you may have the interfaces reversed. As always, the output of 'shorewall dump' is most useful for trying to help you determine the exact cause. Please see http://www.shorewall.net/support.htm#Guidelines for information about how to collect a useful dump. Thanks, -Tom Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
PGP.sig
Description: This is a digitally signed message part
------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
