On 2/10/2014 11:59 PM, [email protected] wrote: > Hello, > > > I’m using shorewall for years with this configuration : gateway (debian > wheezy) with pppoe dsl connection (213.41.184.2), loc in 192.168.0.0/24. > The versioning system is on 192.168.0.50 and is visible from inside and > outside. > This configuration worked on debian squeeze, problems appeared after upgrade, > so I suspect a bad config param I introduced... > > What I’m trying to do : access to https: on 213.41.184.2 > from 88.172.230.130 > I’d expect to have traffic redirected to 192.168.0.50. > But it works only "sometimes" : this box has nothing in logs, traffic seems > blocked on shorewall. > > After reading http://shorewall.net/FAQ.htm#faq1b I suspected routing. Here is > the route table of the gateway box : > # route -n > Table de routage IP du noyau > Destination Passerelle Genmask Indic Metric Ref Use Iface > 0.0.0.0 213.41.184.2 0.0.0.0 UG 0 0 0 ppp0 > 178.132.16.234 0.0.0.0 255.255.255.255 UH 0 0 0 ppp0 > 192.168.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1 > > Attached is status.txt as required on http://shorewall.net/support.htm.
It looks like 192.168.0.50 is not responding. From the dump: tcp 6 96 SYN_SENT src=88.172.230.130 dst=213.41.184.2 sport=50542 dport=443 [UNREPLIED] src=192.168.0.50 dst=88.172.230.130 sport=443 dport=50542 mark=0 use=2 So the SYN packet has been forwarded to 192.168.0.50 but no SYN/ACK response has been received. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Android apps run on BlackBerry 10 Introducing the new BlackBerry 10.2.1 Runtime for Android apps. Now with support for Jelly Bean, Bluetooth, Mapview and more. Get your Android app in front of a whole new audience. Start now. http://pubads.g.doubleclick.net/gampad/clk?id=124407151&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
