On 02/12/2013 11:46 AM, Tom Eastep wrote: > On 02/12/2013 11:35 AM, Art Mandler wrote: >> I have read everything I can find in the docs and faqs about this, and I >> feel there must just be some simple thing I'm not doing, but I'm stumped. >> >> Two interfaces, eth0 and eth1. eth1 is the WAN connection to the >> upstream provider, and has a single IP and the default gateway. >> Connection uses bgp. >> eth0 is the LAN interface, and has multiple IP addresses, private (ie., >> 10.0.2.x) and public. There are 5 small public subnets, one is /27 and >> others are /28 or /29. >> >> Zones are: net (eth1), open (public nets on eth0), safe (private nets >> on eth0), noc (management net), and of course fw. >> >> Here is one line from my hosts file: > > We would much rather see the output of 'shorewall dump' collected as > described at http://www.shorewall.net/support.htm#guidelines.
One thing comes to mind -- be sure that you have IP_FORWARDING=Yes in shorewall.conf. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Free Next-Gen Firewall Hardware Offer Buy your Sophos next-gen firewall before the end March 2013 and get the hardware for free! Learn more. http://p.sf.net/sfu/sophos-d2d-feb
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
