On 01/11/2013 09:06 AM, Dario Lesca wrote: > Il giorno ven, 11/01/2013 alle 08.40 -0800, Tom Eastep ha scritto: >> >> Ah -- I see the real problem here. Your firewall is MASQUERADING >> outgoing connections from the server. >> >> Note that the incoming connection on port 21 is addressed to >> my.host.42.251 but the outgoing connection is from my.host.42.242! >> >> Fix your /etc/shorewall/masq file so that it doesn't masquerade those >> outgoing connections. >> > Wow!, thank Tom!! Work! Work! Work! > > This is my old masq file, : > $NET_IF_1 0.0.0.0/0 $ONLINE_SERVER tcp 25 > $NET_IF_1 0.0.0.0/0 $NET_FW_IP_1 > > I have masquerade only port 25 for same outgoing mail service. > Now I have this configuration: > $NET_IF_1 0.0.0.0/0 $ONLINE_SERVER > $NET_IF_1 0.0.0.0/0 $NET_FW_IP_1 > > Now Work!, but my other question is: It's correct this configuration > method?
Now all outgoing connections are using your server's ip address as the source. I would make a single entry as follows: $NET_IF_1 !$ONLINE_SERVER $NET_FW_IP_1 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Master HTML5, CSS3, ASP.NET, MVC, AJAX, Knockout.js, Web API and much more. Get web development skills now with LearnDevNow - 350+ hours of step-by-step video tutorials by Microsoft MVPs and experts. SALE $99.99 this month only -- learn more at: http://p.sf.net/sfu/learnmore_122812
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
