Dear all experts,

I am facing a problem: I want to access the external host using its external 
IP address from the internal network, while the external IP address uses one-to-one 
NAT which maps to an internal IP address. 

I can access the IP address 192.168.1.155 but cannot access 103.6.49.42 in the 
Trust zone (Internal network).


Here's the information of the Network Interfaces

Net    eth1  detect  routefilter,tcpflags,nosmurfs
Trust  eth0  detect  routefilter=0,routeback

Here's the information of the NAT

103.6.49.42  eth1  192.168.1.155  yes  no


Here's the information of the RULES

ACCEPT  Net  Trust:192.168.1.155  tcp  www


Here's the information of the MASQ

eth1  eth0  103.6.49.34


I am using CentOS 6.4 with the latest kernel 2.6.32-358.11.1.el6.i686
Shorewall version 4.5.17.1

Below is the sysctl.conf information

# Controls IP packet forwarding
net.ipv4.ip_forward = 0

# Controls source route verification
net.ipv4.conf.default.rp_filter = 1

# Do not accept source routing
net.ipv4.conf.default.accept_source_route = 0

# Controls the System Request debugging functionality of the kernel
kernel.sysrq = 0

# Controls whether core dumps will append the PID to the core filename.
# Useful for debugging multi-threaded applications.
kernel.core_uses_pid = 1

# Controls the use of TCP syncookies
net.ipv4.tcp_syncookies = 1

# Disable netfilter on bridges.
#net.bridge.bridge-nf-call-ip6tables = 0
#net.bridge.bridge-nf-call-iptables = 0
#net.bridge.bridge-nf-call-arptables = 0

# Controls the default maximum size of a message queue
kernel.msgmnb = 65536

# Controls the maximum size of a message, in bytes
kernel.msgmax = 65536

# Controls the maximum shared segment size, in bytes
kernel.shmmax = 4294967295

# Controls the maximum number of shared memory segments, in pages
kernel.shmall = 268435456

net.ipv4.tcp_rmem = 1000000 1000000 1000000
# sets min/pressure/max TCP write buffer, default 4096 16384 131072
net.ipv4.tcp_wmem = 1000000 1000000 1000000
# sets min/pressure/max TCP buffer space, default 31744 32256 32768
net.ipv4.tcp_mem = 150000000 150000000 150000000

### CORE settings (for socket and UDP effect)
# maximum receive socket buffer size, default 131071
net.core.rmem_max = 100000000
# maximum send socket buffer size, default 131071
net.core.wmem_max = 100000000
# default receive socket buffer size, default 65535
net.core.rmem_default = 2524287
# default send socket buffer size, default 65535
net.core.wmem_default = 2524287
# maximum amount of option memory buffers, default 10240
net.core.optmem_max = 2524287
# number of unprocessed input packets before kernel starts dropping them, default 300
net.core.netdev_max_backlog = 300000

net.ipv4.tcp_no_metrics_save = 1
net.ipv4.tcp_moderate_rcvbuf = 1

I already followed the instructions in the FAQ but it is still not working. Can any 
expert help?

Best regards,

Stephen FU
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
