On 9/7/2014 7:45 PM, Grant Pasley wrote:
> good day all
> 
> i have shorewall-4.6.3.2 running on centos 2.6.32-431.23.3.el6.x86_64. i 
> have 2 ethernet interfaces, eth0 and eth1. eth0 is lan 192.168.65.0/24 
> and eth1 is only used for a pppoe adsl account with dynamic ip address 
> from isp.
> i am trying to forward incoming remote desktop connections to a windows 
> server, the connections are hitting the firewall but not getting as far 
> as the windows server. i have the following info:
> 
> vim /etc/shorewall/rules
> 
> DNAT            net             loc:192.168.65.2        tcp     3389
> 
> shorewall show nat:
> 
> Chain net_dnat (1 references)
>   pkts bytes target     prot opt in     out     source destination
>      0     0 DNAT       tcp  --  *      *       0.0.0.0/0 
> 0.0.0.0/0           tcp dpt:3389 to:192.168.65.2
> 
> tail -f /var/log/messages:
> 
> Sep  7 22:41:33 sentinel kernel: Shorewall:xis-fw:ACCEPT:IN=ppp0 OUT= 
> MAC= SRC=120.146.190.53 DST=197.87.29.171 LEN=52 TOS=0x18 PREC=0x00 
> TTL=99 ID=6044 DF PROTO=TCP SPT=56452 DPT=3389 WINDOW=8192 RES=0x00 SYN 
> URGP=0
> 
> so as per above, connection hits firewall, is accepted, knows to forward 
> to windows server, but no traffic being passed on to windows server if 
> you look at the packets and bytes in the dnat chain.
> can anyone enlighten me on what i am missing perhaps? i have been going 
> over and over the config for days and cannot seem to find anything?

Have you looked at the port forwarding troubleshooting tips in FAQs 1a
and 1b? The above log message verifies the first step of the tips, but
there are others.

-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

_______________________________________________
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users
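
Added example, not from either poster or the Shorewall project: the Python below lines up the quoted log entry with the quoted `net_dnat` counter row and lists what the two have in common and where they differ. It assumes Shorewall's `<source zone>-<dest zone>` and `<zone>_dnat` chain naming; the function names and the observation labels are hypothetical.

```python
import re

# Constructed input: the log entry and DNAT counter row quoted in the thread,
# rejoined onto single lines (the mail client had wrapped them).
LOG = ("Sep  7 22:41:33 sentinel kernel: Shorewall:xis-fw:ACCEPT:IN=ppp0 OUT= "
       "MAC= SRC=120.146.190.53 DST=197.87.29.171 LEN=52 TOS=0x18 PREC=0x00 "
       "TTL=99 ID=6044 DF PROTO=TCP SPT=56452 DPT=3389 WINDOW=8192 RES=0x00 "
       "SYN URGP=0")
NAT_CHAIN = "net_dnat"
NAT_ROW = ("0     0 DNAT       tcp  --  *      *       0.0.0.0/0 "
           "0.0.0.0/0           tcp dpt:3389 to:192.168.65.2")


def parse_log(line):
    """Return (chain, disposition, fields) from a Shorewall kernel log line."""
    m = re.search(r"Shorewall:([^:]+):([^:]+):(.*)$", line)
    if m is None:
        raise ValueError("not a Shorewall log line")
    chain, disposition, rest = m.groups()
    # KEY=value pairs; values may be empty (OUT=, MAC=). Bare flags are skipped.
    return chain, disposition, dict(re.findall(r"(\w+)=(\S*)", rest))


def parse_nat_row(row):
    """Return packet counter state, matched port and DNAT target of a rule row."""
    pkts = row.split()[0]
    dpt = re.search(r"dpt:(\d+)", row)
    to = re.search(r"to:(\S+)", row)
    if dpt is None or to is None:
        raise ValueError("not a DNAT rule row with dpt: and to:")
    return {"hit": pkts != "0", "dpt": dpt.group(1), "to": to.group(1)}


def compare(log_line, nat_chain, nat_row):
    """List observations that relate the logged packet to the DNAT rule."""
    chain, disposition, f = parse_log(log_line)
    rule = parse_nat_row(nat_row)
    # Assumption: chain names are <source zone>-<dest zone> and <zone>_dnat.
    src_zone, _, dst_zone = chain.partition("-")
    notes = []
    if f.get("DPT") == rule["dpt"] and not rule["hit"]:
        notes.append("rule-not-hit")         # port matches, counters still 0
    if f.get("OUT") == "":
        notes.append("no-output-interface")  # no egress interface when logged
    if src_zone != nat_chain.rsplit("_", 1)[0]:
        notes.append("source-zone-differs")  # zone in log vs zone of the rule
    return {"log_zones": (src_zone, dst_zone), "disposition": disposition,
            "dnat_to": rule["to"], "notes": notes}


if __name__ == "__main__":
    print(compare(LOG, NAT_CHAIN, NAT_ROW))
```

On the quoted data the log entry comes from chain `xis-fw` with an empty `OUT=`, while the rule with zero counters sits in `net_dnat`; a packet that had been forwarded to the LAN would be logged with an output interface.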