________________________________ From: Tom Eastep <[email protected]> > > Before you do that, take a look at your dmz->fw rules -- you are only > allowing ports 80 and 443 to a restricted set of hosts with private IP
> addresses The first rule below solves my issue. The second rule (commented out) does not. ACCEPT dmz $FW tcp 80,443 # ACCEPT dmz $FW:192.168.210.1,10.215.144.91,10.215.145.81,10.215.145.241,10.215.145.242 tcp 80,443 The private IP addresses are set on $FW's NICs. I take it I misconfigured that, as the DIVERT&TPROXY actions require I allow all DST for ports 80,443. Thanks! Vieri ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
