Hi there, firstly let me say that I really like shorewall and have been using it for years to do exactly what I'm having issues with now.
It all worked swimmingly up until Ubuntu 18.04 and shorewall version 5.2.3.4 where the masq file went away.
The set up is as follows. I have a network sitting at the end of an ipsec vpn (146.178.211.0/24) and a lan and open vpn connection that need to get to that machine.
In the previous versions this was all handled by masq and worked like a dream.
Now that it's been converted to snat, I can't for the life of me get it to forward the traffic.
Traceroutes look, for all the world, like the lan traffic is just pumped out the default route each time.
I can ping the machines from the firewall itself, no issues. The lan is on 192.168.122.x/24. I have done some packet captures and can't see the ipsec interface getting hit at all.
I am at a loss as to what I've done wrong. I would really appreciate some help.
I am attaching the shorewall_dump.txt file, however the dump did terminate with

    grep: /proc/net/nf_conntrack: No such file or directory
    Error: ipv4: FIB table does not exist.
    Dump terminated

so I'm not sure if it's complete or not.

Thanks so much in advance.
A Linux bloke with enough networking to be dangerous.
Peter.