Agh! I didn't think of that. So that skewed my test through whatsmyip but the issue is still the same. Also I tested another machine in the LAN with the software and it works fine as it is not natted but it is masquaraded through a dansguardian/squid transparent proxy as the two servers are. Oh, the software in question uses https so it bypasses the DG/squid but to be sure I removed them out of the rules and I get same result. Shorewall dump was included in original but I attached to this one as well.
One other thing while I got your attention Tom, I'm a big fan of Shorewall and have been using it for almost 10 years and I don't think I have ever had an issue with it. Great piece of work. -----Original Message----- From: Tom Eastep [mailto:[email protected]] Sent: Saturday, April 21, 2012 10:47 AM To: [email protected] Subject: Re: [Shorewall-users] masqueraded ono-to-one nat??? On 4/21/12 7:36 AM, Bert wrote: > OS=Centos 6.2 > > My problem is I have two terminal servers located in LAN that have > been natted and when I open a browser on either of those servers and > go to whatsmyip.com it reports the firewalls ip address instead of the > ip address assigned in the nat configuration. Are you running a transparent proxy on the firewall? If not, then we will need to see the output of 'shorewall dump' collected as described at http://www.shorewall.net/support.htm#Guidelines -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ -- This message was scanned by ESVA and is believed to be clean.
shorewall.dmp.gz
Description: shorewall.dmp.gz
------------------------------------------------------------------------------ For Developers, A Lot Can Happen In A Second. Boundary is the first to Know...and Tell You. Monitor Your Applications in Ultra-Fine Resolution. Try it FREE! http://p.sf.net/sfu/Boundary-d2dvs2
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
