Re: [Shorewall-users] Can't Figure Out What I'm Doing Wrong

Wed, 15 Mar 2017 18:34:00 -0700 

Ahh, I do see that and that would definitely be a problem.
What's odd though is I copied and pasted it from the sample file and I'm pretty sure it was not incorrect. Maybe that is the problem.
I just left the office and will check this out first thing in the morning. Maybe it's an issue with the CentOS RPM or I'm just a moron. The latter has a higher probability. :0 

Thanks,
Ryan

On 3/15/2017 5:57 PM, Les Niles wrote:
The masq table has the source subnet 92.168.0.0/16. Shouldn't that be 192.168.0.0/16? 

  -Les
On Mar 15, 2017, at 5:24 PM, Ryan Joiner <[email protected] <mailto:[email protected]>> wrote:
Hello, I'm doing the most simple firewall setup on CentOS 6 using Shorewall 5.1.2.4-1. It is two cards, eth0 and eth1. I'm using the two-interface sample file for snat and it seems like snat is not working. The firewall has open access to the internet and that is working fine, just PC's behind it can't get out. I've been using shorewall for over 10 years and this one has me stumped!
Also, I had setup a firewall last weekend on CentOS7 using Shorewall 5.1.2.3-1 and had this same exact issue. I downgraded to 5.0.1.4, same exact config, and everything worked perfectly. Maybe I missed something that changed since then? 

Firewall IP's
eth0 is 192.168.122.195/24
eth1 is 192.168.20.1/24
eth2 exists but is off and not being used FYI.

Device on network trying to get to internet is 192.168.20.2/24

Attached is dump.
Thank you!
<test.txt>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org <http://Slashdot.org>! http://sdm.link/slashdot <http://sdm.link/slashdot> 
_______________________________________________
Shorewall-users mailing list
[email protected] <mailto:[email protected]> 
https://lists.sourceforge.net/lists/listinfo/shorewall-users



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to