Am 31.12.2012 20:39, schrieb Tom Eastep: > ----> /etc/shorewall/hosts > #ZONE HOSTS OPTIONS > vpn1 eth0:0.0.0.0/0 > That can't be right -- don't you want ppp0:0.0.0.0/0? >
Thank you for this great tip. Now l2tp/ipec gets a connect. >> ----> /etc/shorewall/policy >> # Policies for traffic originating from the Internet zone (net) >> net dmz DROP info >> net $FW ACCEPT info > That's a horrible idea.... > > Thats right. Now I changed the policy to: net $FW DROP info But now I get a new problem: ... Jan 1 02:56:45 router kernel: [ 455.395574] Shorewall:net2fw:DROP:IN=ppp0 OUT= MAC= SRC=80.187.106.196 DST=84.57.4.128 LEN=140 TOS=0x00 PREC=0x00 TTL=45 ID=43653 PROTO=UDP SPT=7827 DPT=4500 LEN=120 ... Do you think its sure to solve that with a rule like: ACCEPT net $FW udp 4500 Thank you! Tony ------------------------------------------------------------------------------ Master SQL Server Development, Administration, T-SQL, SSAS, SSIS, SSRS and more. Get SQL Server skills now (including 2012) with LearnDevNow - 200+ hours of step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only - learn more at: http://p.sf.net/sfu/learnmore_122512 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
