Hi,

I am trying to configure Shorewall on an Ubuntu Server 12.04 with

1. OpenVPN
2. Tomcat

so that a client can connect to the server and work with Tomcat.

I already have some rules for mail, web, FTP and SSH.

OpenVPN is installed and I can connect, but I cannot reach Tomcat on port 8080.

I include the configuration files for Shorewall and OpenVPN.


/etc/shorewall/rules

#
# Shorewall version 4 - Rules File
#
# For information on the settings in this file, type "man shorewall-rules"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-rules.html
#
################################################################################################################################################################################$
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME HEADERS SWI$
# PORT    PORT(S)         DEST            LIMIT           GROUP
#SECTION ALL
#SECTION ESTABLISHED
#SECTION RELATED
SECTION NEW

SSH/ACCEPT      net     $FW

Ping/ACCEPT     net     $FW

# Permit all ICMP traffic FROM the firewall TO the net zone
ACCEPT          $FW     net     icmp

# mail lines
SMTP/ACCEPT     net     $FW
SMTPS/ACCEPT    net     $FW
Submission/ACCEPT net   $FW
IMAP/ACCEPT     net     $FW
IMAPS/ACCEPT    net     $FW

#web
Web/ACCEPT      net     $FW
#ftp
FTP/ACCEPT      net     $FW
ACCEPT          net     fw   tcp 20,21

#tomcat
#
ACCEPT          road    fw tcp 8080

/etc/shorewall/interfaces

#
# Shorewall version 4 - Interfaces File
#
# For information about entries in this file, type "man shorewall-interfaces"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-interfaces.html
#
###############################################################################
#ZONE   INTERFACE       BROADCAST       OPTIONS
net     eth0            detect dhcp,tcpflags,logmartians,nosmurfs
road    tun+



/etc/shorewall/zones

#
# Shorewall version 4 - Zones File
#
# For information about this file, type "man shorewall-zones"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-zones.html
#
###############################################################################
#ZONE   TYPE            OPTIONS IN                      OUT
# OPTIONS                 OPTIONS
fw      firewall
loc     ipv4
net     ipv4
#loc     Local
road     ipv4

/etc/shorewall/tunnels

#TYPE                   ZONE           GATEWAY GATEWAY ZONE
openvpn:1194    net            0.0.0.0/0


/etc/shorewall/policy


#
# Shorewall version 4 - Policy File
#
# For information about entries in this file, type "man shorewall-policy"
#
# The manpage is also online at
# http://www.shorewall.net/manpages/shorewall-policy.html
#
###############################################################################
#SOURCE DEST    POLICY          LOG     LIMIT: CONNLIMIT:
#                               LEVEL   BURST MASK
$FW     net     ACCEPT
road    loc     ACCEPT
net     $FW     DROP            info
net     all     DROP            info
# The FOLLOWING POLICY MUST BE LAST
all     all     REJECT          info

/etc/openvpn/server.conf

#################################################
# Sample OpenVPN 2.0 config file for            #
# multi-client server.                          #
#                                               #
# This file is for the server side              #
# of a many-clients <-> one-server              #
# OpenVPN configuration.                        #
#                                               #
# OpenVPN also supports                         #
# single-machine <-> single-machine             #
# configurations (See the Examples page         #
# on the web site for more info).               #
#                                               #
# This config should work on Windows            #
# or Linux/BSD systems.  Remember on            #
# Windows to quote pathnames and use            #
# double backslashes, e.g.:                     #
# "C:\\Program Files\\OpenVPN\\config\\foo.key" #
#                                               #
# Comments are preceded with '#' or ';'         #
#################################################

port 1194

;proto tcp
proto udp

;dev tap
dev tun

ca ./easy-rsa2/keys/ca.crt
cert ./easy-rsa2/keys/server.crt
key ./easy-rsa2/keys/server.key    # Keep this file secret.
dh ./easy-rsa2/keys/dh1024.pem     # Diffie-Hellman parameters

server 10.8.0.0 255.255.255.0

ifconfig-pool-persist ipp.txt

keepalive 10 120

comp-lzo

persist-key
persist-tun

status openvpn-status.log

verb 3


--------------

Thanks a lot for any help and hints.




_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
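
An added example, not part of the original post: a small Python check that reads the posted zones, interfaces, policy and rules entries and reports what they say for a given connection, consulting explicit rules first and then the first matching policy line. The macro rules are left out, matching is simplified to zone, protocol and destination port, and all function names are this example's own.

```python
# Constructed copies of the non-comment entries from the files posted above
# (macro rules such as SSH/ACCEPT are omitted; this is a simplified reading).
ZONES = "fw firewall\nloc ipv4\nnet ipv4\nroad ipv4"
INTERFACES = "net eth0 detect dhcp,tcpflags,logmartians,nosmurfs\nroad tun+"
POLICY = ("$FW net ACCEPT\nroad loc ACCEPT\nnet $FW DROP info\n"
          "net all DROP info\nall all REJECT info")
RULES = "ACCEPT $FW net icmp\nACCEPT net fw tcp 20,21\nACCEPT road fw tcp 8080"

def rows(text):
    """Split a Shorewall-style file into columns, skipping blanks and comments."""
    return [l.split() for l in text.splitlines()
            if l.strip() and not l.lstrip().startswith("#")]

# Name of the firewall zone as declared in the zones file.
FW = next(z for z, t, *_ in rows(ZONES) if t == "firewall")

def zone(name):
    """Map the $FW variable onto the firewall zone name from the zones file."""
    return FW if name == "$FW" else name

def unbound_zones():
    """Zones declared in 'zones' that have no entry in 'interfaces'."""
    bound = {r[0] for r in rows(INTERFACES)}
    return [z for z, t, *_ in rows(ZONES) if t != "firewall" and z not in bound]

def verdict(src, dst, proto, port):
    """Return (action, origin): explicit rule first, else first matching policy."""
    for action, s, d, *rest in rows(RULES):
        if (zone(s), zone(d)) != (src, dst):
            continue
        proto_ok = not rest or rest[0] == proto
        ports = rest[1].split(",") if len(rest) > 1 else None
        if proto_ok and (ports is None or str(port) in ports):
            return action, "rule"
    for s, d, pol, *_ in rows(POLICY):
        if zone(s) in (src, "all") and zone(d) in (dst, "all"):
            return pol, "policy"
    return None, "none"

if __name__ == "__main__":
    for query in [("road", "fw", "tcp", 8080), ("road", "fw", "tcp", 8009),
                  ("net", "fw", "tcp", 8080), ("road", "loc", "tcp", 8080)]:
        print(query, "->", verdict(*query))
    print("zones without an interface entry:", unbound_zones())
```
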
