[Shorewall-users] Among 3 interfaces LAN does not reach Internet Suddenly

Tue, 02 Jul 2013 09:21:27 -0700 

Hi:

Two shorewall boxes are installed in two different places with latest
stable versions with three interfaces (eth0>>NET, eth1>>LAN and
eth2>>DMZ), and running without any hitches for 3 years with the same
configuration .

All of a sudden a few days back, the LAN in both places stopped
reaching internet without any warnings.

§1 Checked disk space and inodes, they are available adequately. So
diskspace is not a problem.

§2 LAN NIC is active, letting me connect to get the results below with
a crossover cable. So NIC is working fine and also shows that the
routing is fine.

§3 Checked for rootkits and found clean.

Any inputs to make LAN reach the internet shall be appreciated. Thanks!

The network looks like as of below:

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
192.168.7.0     0.0.0.0         255.255.255.0   U     0      0        0 eth2
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
192.168.9.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
169.254.0.0     0.0.0.0         255.255.0.0     U     0      0        0 eth2
0.0.0.0         192.168.1.1     0.0.0.0         UG    0      0        0 eth0

# shorewall show policies
Shorewall 4.5.17.1 Policies at gw - Tue Jul  2 19:54:47 CEST 2013

fw      =>      net     ACCEPT using chain fw2net
fw      =>      loc     REJECT using chain fw2loc
fw      =>      dmz     REJECT using chain fw2dmz
net     =>      fw      DROP using chain net2fw
net     =>      loc     DROP using chain net2loc
net     =>      dmz     ACCEPT using chain net2dmz
loc     =>      fw      ACCEPT using chain loc2fw
loc     =>      net     ACCEPT using chain loc2net
loc     =>      dmz     ACCEPT using chain loc2dmz
dmz     =>      fw      ACCEPT using chain dmz2fw
dmz     =>      net     ACCEPT using chain dmz2net
dmz     =>      loc     REJECT using chain dmz2loc
You have new mail in /var/spool/mail/root

# shorewall show config
Default CONFIG_PATH is /etc/shorewall:/usr/share/shorewall
Default VARDIR is /var/lib/shorewall
LIBEXEC is /usr/libexec
SBINDIR is /sbin
CONFDIR is /etc

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to