On 12/18/18 4:24 AM, HÖGLUND, Göran via Shorewall-users wrote:
> Thanks!
> This works perfectly. I have a follow-up question though, and this may be the
> cause of my real problem.
> Instead of a dns server in the dmz zone I'd like to reach a dns server over an
> openvpn connection.
>
> The tunnel device tun9 is defined as a zone; we use the tunnel to reach the
> firewall from a Nagios server where the tunnel terminates.
> Tcpdump shows traffic entering the tunnel and it looks fine from the Shorewall
> perspective in the client.
> On the server side the dns traffic from my host on the local lan on the
> client is missing.

If tcpdump sees outgoing traffic, then the configuration on that end is okay.

>
> When I start Shorewall I get a warning about the tunnel
> WARNING: Optional Interface tun9 is not usable -- tun9 not Started

Try 'shorewall enable tun9'.

-Tom
--
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users