On 04/02/2012 11:46 AM, Augusto Vázquez Vázquez wrote: > Even using IP addresses instead of DNS names it fail. > I'm trying to access any website from the firewall, using Iceweasel in > Debian 6.0.2, in the firewall is running Shorewall, DNS with views > (Wan, Lan, DMZ) and Proxy server. I can't use the package aptitude > either.
Clearly, Shorewall isn't blocking web access from the firewall since Squid is able to access the net fine. And there are no firewall rules blocking fw->net traffic: Chain OUTPUT (policy DROP 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 983K 125M fw2net all -- * eth0 0.0.0.0/0 0.0.0.0/0 Chain fw2net (1 references) pkts bytes target prot opt in out source destination 502K 91M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED,ESTABLISHED 33538 2029K ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:80 448K 33M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 If you momentarily 'shorewall clear', does the problem go away? (be sure to 'shorewall start' after the test). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
