Hey guys,
Here's the situation, I've 3 networks, the host with IP, say
145.166.235.252 is connected to FW's interface eth2 (dmz) and the hosts
attached via eth0 (net) are able to access it using that address.
interfaces
net eth0 detect
loc eth1 detect
dmz eth2 detect
Here's fw's routing table, and 145.166.235.1 would be the ISP's router
0.0.0.0 145.166.236.1 0.0.0.0 UG 0 0 0 eth0
192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
145.166.235.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
145.166.235.224 0.0.0.0 255.255.255.224 U 0 0 0 eth2
145.166.235.252 0.0.0.0 255.255.255.255 UH 0 0 0 eth2
/etc/shorewall/proxyarp
145.166.235.252 eth2 eth0 No
>From the host 145.166.235.252 I can access the firewall, the IPSs gateway,
but I can't get beyond it.
host's routing table
145.166.235.224 0.0.0.0 255.255.255.224 U 0 0 0 eth1
0.0.0.0 145.166.235.253 0.0.0.0 UG 0 0 0 eth1
253 would be fw's eth2
######from the host to the ISP #########
PING 145.166.235.1 (145.166.235.1) 56(84) bytes of data.
64 bytes from 145.166.235.1: icmp_req=1 ttl=254 time=0.854 ms
#############################
I think it doesn't have anything to do with shorewall misconfig but I hope
you guys can give me some pointers here on what I'm missing... ip
forwarding is enabled, I tried to use NAT and it worked using masq on a
192.168.0.0/24 local network, through fw's eth1.
The ping is not being rejected either.
I'll still try a traceroute from outside later...
Any help would be appreciated.
Regards,
- Ismael
------------------------------------------------------------------------------
Get 100% visibility into Java/.NET code with AppDynamics Lite!
It's a free troubleshooting tool designed for production.
Get down to code-level detail for bottlenecks, with <2% overhead.
Download for free and get started troubleshooting in minutes.
http://pubads.g.doubleclick.net/gampad/clk?id=48897031&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
