Hi Dierk, To be a little more secure. Instead of enabling this in the policy file. You can make it more restrictive by adding a rules line to enable road -> fw only for tcp port 8080.
Regards, Roy On Tue, 2013-01-29 at 08:57 +0100, Dierk Pfeiffer / Metabolic Online wrote: > Hi Tom, > > thanks for the hint, after debugging the log message. > > Shorewall:road2fw:REJECT:IN=tun0 OUT= MAC= SRC=10.8.0.6 DST=10.8.0.1 > LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=59035 DF PROTO=TCP SPT=33504 > DPT=8080 WINDOW=14600 RES=0x00 SYN URGP=0 > > I saw that road has no access to FW so I added to policy > > road fw ACCEPT > > After this, it works fine and I can access over Openvpn the tomcat. > > Is it safe to let road access to the fw Zone? > > Thanks > Dierk > > > Am 28.01.2013 18:50, schrieb Tom Eastep: > > > On 1/28/13 8:08 AM, "Dierk Pfeiffer / Metabolic Online" > > <[email protected]> wrote: > > > > > > Hi, > > > > I try to configure Shorewall on a Ubuntu Server 12.04 with > > > > 1. Openvpn > > 2. Tomcat > > > > So a client can connect to the Server and work with TOMCAT > > > > I have already some rules for Mail, WEB, FTP, SSH > > > > Openvpn is installed and I can connect, but can not reach to > > the tomcat on Port 8080. > > > > I include the configuration Files for Shorewall and Openvpn > > > > > > We would prefer the output of 'shorewall dump' collected as > > described at http://www.shorewall.net/support.htm#Guidelines. > > > > > > Thanks, > > -Tom > > You do not need a parachute to skydive. You only need a parachute to > > skydive twice. > > > > > > > > > > ------------------------------------------------------------------------------ > > Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, > > MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current > > with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft > > MVPs and experts. ON SALE this month only -- learn more at: > > http://p.sf.net/sfu/learnnow-d2d > > > > > > _______________________________________________ > > Shorewall-users mailing list > > [email protected] > > https://lists.sourceforge.net/lists/listinfo/shorewall-users > > ------------------------------------------------------------------------------ > Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, > MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current > with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft > MVPs and experts. ON SALE this month only -- learn more at: > http://p.sf.net/sfu/learnnow-d2d > _______________________________________________ Shorewall-users mailing list > [email protected] > https://lists.sourceforge.net/lists/listinfo/shorewall-users -- Netzary InfoDynamics "Making IT to Work for You" website : http://www.netzary.com hand Phone : +91 8088503811 telephone : +91 80 41738665 fax : +91 80 22075212 ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnnow-d2d _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
