On 09/27/2012 09:06 AM, Nathan Kennedy wrote: > I have been trying to figure out a problem with a server we have that > hosts wordpress and it cannot get the wordpress updates from > wordpress.org. The only thing I can see shorewall wise is this error: > Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=192.168.111.23 > DST=192.168.111.23 LEN=60 TOS=0x00 PREC=0x00 TTL=63 ID=13717 DF > PROTO=TCP SPT=49106 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 > > This server is setup for SNAT, this is the line in the nat file: > 208.120.234.54 eth0:3 192.168.111.23 yes yes >
That log message looks like 192.168.111.23 is trying to connect to 208.120.234.54; that of course results in 192.168.111.23 connecting to itself through the firewall. The reason that connection doesn't work is that eth1 doesn't have the 'routeback' option in /etc/shorewall/interfaces. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ Everyone hates slow websites. So do we. Make your web apps faster with AppDynamics Download AppDynamics Lite for free today: http://ad.doubleclick.net/clk;258768047;13503038;j? http://info.appdynamics.com/FreeJavaPerformanceDownload.html _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
