On 9/7/2014 7:45 PM, Grant Pasley wrote: > good day all > > i have shorewall-4.6.3.2 running on centos 2.6.32-431.23.3.el6.x86_64. i > have 2 ethernet interfaces, eth0 and eth1. eth0 is lan 192.168.65.0/24 > and eth1 is only used for a pppoe adsl account with dynamic ip address > from isp. > i am trying to forward incoming remote desktop connections to a windows > server, the connections are hitting the firewall but not getting as far > as the windows server. i have the following info: > > vim /etc/shorewall/rules > > DNAT net loc:192.168.65.2 tcp 3389 > > shorewall show nat: > > Chain net_dnat (1 references) > pkts bytes target prot opt in out source destination > 0 0 DNAT tcp -- * * 0.0.0.0/0 > 0.0.0.0/0 tcp dpt:3389 to:192.168.65.2 > > tail -f /var/log/messages: > > Sep 7 22:41:33 sentinel kernel: Shorewall:xis-fw:ACCEPT:IN=ppp0 OUT= > MAC= SRC=120.146.190.53 DST=197.87.29.171 LEN=52 TOS=0x18 PREC=0x00 > TTL=99 ID=6044 DF PROTO=TCP SPT=56452 DPT=3389 WINDOW=8192 RES=0x00 SYN > URGP=0 > > so as per above, connection hits firewall, is accepted, knows to forward > to windows server, but no traffic being passed on to windows server if > you look at the packets and bytes in the dnat chain. > can anyone enlighten me on what i am missing perhaps? i have been going > over and over the config for days and cannot seem to find anything?
May we see the output of 'shorewall dump' collected as described at http://www.shorewall.net/support.htm#Guidelines? Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Want excitement? Manually upgrade your production database. When you want reliability, choose Perforce. Perforce version control. Predictably reliable. http://pubads.g.doubleclick.net/gampad/clk?id=157508191&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
