Re: [Shorewall-users] Access to my public address from the local hosts?

Mon, 25 Jun 2018 08:23:32 -0700 

Thanks Tom,
I've added a line you propose to the /etc/shorewall/rules file.
Unfortunately I receive an error:

ela@akacja:~$ sudo shorewall check
Checking using Shorewall 5.1.12.2...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Checking /etc/shorewall/zones...
Checking /etc/shorewall/interfaces...
Determining Hosts in Zones...
Locating Action Files...
Checking /etc/shorewall/policy...
Adding Anti-smurf Rules
Adding rules for DHCP
Checking TCP Flags filtering...
Checking Kernel Route Filtering...
Checking Martian Logging...
Checking /etc/shorewall/snat...
Checking MAC Filtration -- Phase 1...
Checking /etc/shorewall/maclist...
Checking /etc/shorewall/rules...
   WARNING: The destination zone (fw) is ignored in DNAT rules /usr/share/shorewall/macro.SSH (line 9) 
      from /etc/shorewall/rules (line 16)
   ERROR: Invalid/Unknown tcp port/service (46.aaa.bbb.ccc) /usr/share/shorewall/macro.SSH (line 9) 
      from /etc/shorewall/rules (line 16)
Should I define somehow my public IP address in the /etc/shorewall configuraton files before I add a new line in the /etc/shorewall/rules? 
Regards,
Bern

W dniu 2018-06-25 o 16:32, Tom Eastep pisze:

On 06/25/2018 12:15 AM, Bern D wrote:

Hi,
I use Ubuntu server 18.04 which is configured as a home router, gate,
firewall.
My ISP give me local IP address 192.168.15.145 which is seen from the
internet as public address 46.xxx.xxxx.xxxx.
I can login on my Ubuntu server (SSH) from local LAN or WLAN hosts
(using 10.10.10.1 and port 2225)
but cannot login using public address 46.xxx.xxx.xxxx from my LAN/WLAN.
At the same time I can login to my server using address 46.xxx.xxx.xxxx
from other devices (eg my phone or tablet connected to GSM/LTE network).
How to change Shorewall configuration to enabe SSH access to my public
address 46.xxx.xxxx.xxxx from the local hosts?

In rules:

SSH(DNAT-)      loc     $FW:10.10.10.1  -       -       46.xxx.xxx.xxx

-Tom


------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users



------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to