On 6/19/2014 2:47 PM, Dr. Harry Knitter wrote: > Dear list members, > > > I'm really frustated about not being able to get a Debiand Wheezy machine > routing packets from the internal network to the external interface. > > The machine has two nics eth0 (internal) and eth1 (external), the latte > pointing to a dsl-router. > > The internal net is 192.168.0.0/24 the external, consisting only oft the > external nic and the dsl-router is 192.168.120.0/24 > > I have swichted on IP-forwarding in /etc/sysctrl.conf and in shorewall.conf. > > My configuration files are: > > <interfaces> > ext eth1 detect > int eth0 detect > </interfaces> > > > <zones> > firew firewall > ext ipv4 > int ipv4 > </zones> > > <masq> > eth0 eth1 > eth1 eth0 > </masq> > > Since having tried almost everything I only have a policy file which (for the > moment) leaves everything open. > > <policy> > all all ACCEPT info > </policy> > > I cannot ping the external interface from an internal client. >
Then the internal client probably has the wrong default gateway. It should be set to the IP address of the firewall's LAN interface. This and other hints are available in Shorewall FAQ 15. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions Find What Matters Most in Your Big Data with HPCC Systems Open Source. Fast. Scalable. Simple. Ideal for Dirty Data. Leverages Graph Analysis for Fast Processing & Easy Data Exploration http://p.sf.net/sfu/hpccsystems
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
