On 10/6/2015 2:22 PM, ricky gutierrez wrote: > Hi list , I have some problems with a static route to add , for some > reason I shorewall blocks access > > I have a file with the static route > > route-eth1 > > ADDRESS0=192.168.21.0 > NETMASK0=255.255.255.0 > GATEWAY0=192.168.20.66 > > if a machine on my network gives you ping another machine the segment > 192.168.21.0, shorewall reject ping > > look : > > Oct 4 10:10:32 fw kernel: Shorewall:FORWARD:REJECT:IN=Auto_eth1 > OUT=Auto_eth1 SRC=192.168.20.21 DST=192.168.21.15 LEN=52 TOS=0x00 > PREC=0x00 TTL=127 ID=1728 DF PROTO=TCP SPT=21754 DPT=443 WINDOW=8192 > RES=0x00 SYN URGP=0 > > I have allowed the ping > > Ping(ACCEPT) loc fw > Ping(ACCEPT) fw loc > Ping(ACCEPT) loc net > Ping(ACCEPT) net fw > >
Please see Shorewall FAQ 17. Also, see http://www.shorewall.org/Multiple_Zones.html. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
