Hi,

 

This problem is really disturbing. When I check with tcpdump, I can see that
the TCP packet is coming from br0 but it does not go out.

If I log the DNAT rule with Shorewall, I can see it in the Shorewall log.

 

Sep  8 20:27:37 router Shorewall:lan_dnat:DNAT: IN=br0 OUT= MAC=00:0d:b9:12:cf:91:00:23:14:42:ef:dc:08:00  SRC=192.168.254.1 DST=192.168.254.254 LEN=48 TOS=00 PREC=0x00 TTL=128 ID=11692 DF PROTO=TCP SPT=54047 DPT=9309 SEQ=2417620935 ACK=0 WINDOW=8192 SYN URGP=0

 

But it never goes out...

 

How can I solve this?

 

Thanks.

 

From: İlker Aktuna [mailto:[email protected]] 
Sent: Sunday, September 08, 2013 3:07 AM
To: [email protected]
Subject: [Shorewall-users] routeback to same interface

 

Hi,

 

I am using v4.4.26.1 and I have a bridge interface on my firewall (br0).
Under the bridge interface, I have 2 interfaces (eth1 and wlan0)

For routing back to the same interface scenarios, I have the routeback
option set on this interface:

 

#ZONE   INTERFACE       BROADCAST       OPTIONS
lan     br0             detect          dhcp,routeback,routefilter

 

And this works for traffic coming from wlan0, going to eth1 and also in the
other direction.

However, I also need to allow traffic routing from eth1 to eth1 for some
DNAT rules.

But when the same traffic comes from eth1, it does not go back to eth1.

 

What am I doing wrong?

How can I solve this?

 

Thanks,

ilker
