Hi it looks like you are not masquerading your private network to the internet! Do you have a line in your /etc/shorewall/masq like the following?: eth1 192.168.1.0/24
http://www.shorewall.net/manpages/shorewall-masq.html matt On 6 Oct 2013 at 10:21, Holger Apfel wrote: From: Holger Apfel <[email protected]> Date sent: Sun, 6 Oct 2013 10:21:59 +0200 To: [email protected] Subject: [Shorewall-users] unable to config shorewall correctly Send reply to: Shorewall Users <[email protected]> <mailto:[email protected]?subject=unsubscribe> <mailto:[email protected]?subject=subscribe> > Dear all, > > I'm new to shorewall (and quite new to linux), so please forgive me > any obvious mistakes. > > As to my problem: > I've installed shorewall on a raspberry pi because I want to replace a > netgear 318 with it. eth0 is connected to the internal network > 192.168.1.0/24. It has the fixed IP 192.168.1.4. eth1 is connected to > the internet via ppp0. It has a fixed IP. > > DHCP is running on the pi as well, but it seems to be working (all > clients on the subnet receive their IPs as defined in dhcpd.conf). > > What does work: I may > > - ping from the raspberry to the internet (google DNS servers 8.8.4.4 > and 8.8.8.8). - ping from the pi to internal clients. - ping/shh from > internal clients to the pi. - use a browser on the pi. > > What doesn't: > > - routing / nat via the pi doesn't seem to work, at least i won't get > any connections to the net. - connecting the pi via ssh: establishing > theconnection to 192.168.1.4 is found reeeaaaaly slow if the ppp0 port > is active, i.e. once a cable has been connected to it and pppoe is up > (say 15 seconds). It looks as if the desktop first tries to find the > pi "somewhere else" (again, please excuse my ignorance on inner > ethernet workings in general) until a timeout get it back on track. > > The shorewall dump is attached below. > > Any help will be appreciated. > > > ------------------------------------------------------------------------------ October Webinars: Code for Performance Free Intel webinars can help you accelerate application performance. Explore tips for MPI, OpenMP, advanced profiling, and more. Get the most from the latest Intel processors and coprocessors. See abstracts and register > http://pubads.g.doubleclick.net/gampad/clk?id=60134791&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
