Thank you. I don't want to make a release update from 12.04 to 12.10 , as it would be risky for me with lots of services running on the router. Is there a simple way to install available updates for Ubuntu (I know this is not the right place but just asking) ?
In your configuration, may the following parameters have any affect on my problem ? I know that they shouldn't but, in any case... proxyarp=1,required,wait=30 Thanks. -----Original Message----- From: Tom Eastep [mailto:[email protected]] Sent: Sunday, September 15, 2013 5:09 PM To: [email protected] Subject: Re: [Shorewall-users] routeback to same interface On 9/14/2013 1:38 PM, İlker Aktuna wrote: > Thanks for analyzing it. > This is not normal behaviour of netfilter right ? > Where can I ask about netfilter issue ? > I would start with Ubuntu. First, be sure that all available updates are installed. Then if you still have the problem, submit a bug report. I just performed a similar test on my up-to-date Debian 7 gateway and the test worked as expected: /etc/shorewall/zones: dmz ipv4 /etc/shorewall/interfaces: dmz br0 routeback,proxyarp=1,required,wait=30 /etc/shorewall/rules: DNAT dmz dmz:70.90.191.125:80 tcp 80 - 70.90.191.121 /etc/shorewall/masq: br0 70.90.191.120/29 70.90.191.121 tcp 80 root@gateway:~# uname -a Linux gateway 3.2.0-4-amd64 #1 SMP Debian 3.2.46-1 x86_64 GNU/Linux root@gateway:~# Chain dmz-dmz (1 references) pkts bytes target prot opt in out source destination 1 60 dynamic all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate INVALID,NEW,UNTRACKED 9 1666 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate ESTABLISHED 0 0 +dmz-dmz all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate RELATED 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 ctstate UNTRACKED 1 60 ACCEPT tcp -- * * 0.0.0.0/0 70.90.191.125 ctorigdst 70.90.191.121 tcp dpt:80 ctorigdstport 80 <============= 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 I used port 80 rather than a high port, but that is irrelevant. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ ------------------------------------------------------------------------------ LIMITED TIME SALE - Full Year of Microsoft Training For Just $49.99! 1,500+ hours of tutorials including VisualStudio 2012, Windows 8, SharePoint 2013, SQL 2012, MVC 4, more. BEST VALUE: New Multi-Library Power Pack includes Mobile, Cloud, Java, and UX Design. Lowest price ever! Ends 9/22/13. http://pubads.g.doubleclick.net/gampad/clk?id=64545871&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
