I have similar problem using One to one nat with this version of shorewall.
Stephen
Sent from my iPhone
On 26 Jul, 2013, at 4:39 PM, Christophe Ségui
<[email protected]> wrote:
> Another (important detail) : Setup is working when client node try to reach a
> web server located in netB but not for an internet web server…. routefilter=0
> and logmartians=0 options are set for FW interface on netB
>
>
> Thanks
> Christophe
>
> Le 26 juil. 2013 à 09:52, Christophe Ségui
> <[email protected]> a écrit :
>
>> Hi list,
>>
>> I'm using shorewall 4.5.5 on debian stable.
>>
>> i'm having some issue to set up transparent proxy. Setup is quite complex.
>>
>>
>>
>> Provider A Provider B
>> \ /
>> \ /
>> \ /
>> \ /
>> FW
>> / ---------| \
>> / \
>> Bridge Net B
>> / \
>> NetC NetD
>>
>>
>> Nodes on NetD should access net through proxy located on NetB. I've setted
>> up a config as described in
>> http://www.shorewall.net/Shorewall_Squid_Usage.html#idp114696
>>
>> I've two different providers. I've added a marking rule, setted up PRIORITY
>> in order to get fwmark used first (before rules defined in rtrules).
>>
>> Here is the issue :
>> Packet sent to net by nodes on NetD get correctly marked, so get routed to
>> proxy on NetB which handle request. Packe come back to firewall interface
>> through NetB and stop there (src IP is the requested IP (eg www.google.com),
>> dest IP is the NetD node which has made http request according to tcpdump).
>> Although tcpdump shows up the packet, no Shorewall log about this last
>> incoming packet.
>>
>> Traffic from NetB is authorized to access NetD (no ip source or dest check)….
>>
>>
>> Any clue on what maybe wrong?
>>
>>
>> Thanks
>> Christophe
>>
>>
>>
>>
>>
>> ------------------------------------------------------------------------------
>> See everything from the browser to the database with AppDynamics
>> Get end-to-end visibility with application monitoring from AppDynamics
>> Isolate bottlenecks and diagnose root cause in seconds.
>> Start your free trial of AppDynamics Pro today!
>> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk_______________________________________________
>> Shorewall-users mailing list
>> [email protected]
>> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
> ------------------------------------------------------------------------------
> See everything from the browser to the database with AppDynamics
> Get end-to-end visibility with application monitoring from AppDynamics
> Isolate bottlenecks and diagnose root cause in seconds.
> Start your free trial of AppDynamics Pro today!
> http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
> _______________________________________________
> Shorewall-users mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
See everything from the browser to the database with AppDynamics
Get end-to-end visibility with application monitoring from AppDynamics
Isolate bottlenecks and diagnose root cause in seconds.
Start your free trial of AppDynamics Pro today!
http://pubads.g.doubleclick.net/gampad/clk?id=48808831&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
