On 12/31/12 10:37 AM, [email protected] wrote: > I configured shorewall like the instructiones in > http://www.shorewall.net/IPSEC-2.6.html but it does not run. > > I allways get in /var/log/syslog: > ... > Dec 31 19:08:31 router kernel: [81080.616087] > Shorewall:INPUT:REJECT:IN=ppp0 OUT= > MAC=45:00:00:88:3e:3e:00:00:2d:11:20:cd:50:bb:67:59:54:39:22:05:1b:2e > SRC=80.187.103.89 DST=84.57.34.5 LEN=95 TOS=0x00 PREC=0x00 TTL=45 > ID=15934 PROTO=UDP SPT=62781 DPT=1701 LEN=75 > ... > > Only, if I change the last line of /etc/shorewall/policy for a short > time to: > ... > all all ACCEPT info > ... > > > I made an easier configuration:
> > ----> /etc/shorewall/hosts > #ZONE HOSTS OPTIONS > vpn1 eth0:0.0.0.0/0 That can't be right -- don't you want ppp0:0.0.0.0/0? > #LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE > > ----> /etc/shorewall/policy > # Policies for traffic originating from the Internet zone (net) > net dmz DROP info > net $FW ACCEPT info That's a horrible idea.... -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122412
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
