On 10/10/2020 7:55 AM, Peter Nunn wrote: > Hi there, > > firstly let me say that I really like shorewall and have been using it > for years to do exactly what I'm having issues with now. > > It all worked swimmingly up until ubuntu 18.04 and shorewall version > 5.2.3.4 where the masq file went away. > > The set up is as follows. > > I have a network sitting an the end of an ipsec vpn (146.178.211.0/24) > and a lan and open vpn connection that need to get to that machine. > > In the previous versions this was all handled by masq and worked like a > dream. > > Now that its been converted to snat, I can't for the life of me get it > to forward the traffic. > > traceroutes look, for all the world, like the lan traffic is just pumped > out the default route each time. > > I can ping the machines from the firewall itself no issues. > > The lan is on 192.168.122.x/24. I have done some packet captures and > can't see the ipsec interface getting hit at all. > > I am at a loss as the what I've done wrong. I would really appreciate > some help. > > I am attaching the shorewall_dump.txt file, however the dump did > terminate with > > grep: /proc/net/nf_conntrack: No such file or directory > Error: ipv4: FIB table does not exist. > Dump terminated > > so I'm not sure if its complete or not. >
Did you update your configuration with the 'shorewall update' command? -- Matt Darfeuille <m...@shorewall.org> Community: https://sourceforge.net/p/shorewall/mailman/message/37107049/ SPC: https://sourceforge.net/p/shorewall/mailman/message/36596609/ Homepage: https://shorewall.org _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
