Results 1 to 1 of 1
Hello Linux Community I am trying to use a PC as Gateway/Router. I installed Debian Sqeeze and Shorewall and configured all. This is a Testing Enviroment. Hier some Information: ETH0 ...
Enjoy an ad free experience by logging in. Not a member yet? Register.
- 05-06-2011 #1
- Join Date
- May 2011
[SOLVED] Shorewall Problem NAT
I am trying to use a PC as Gateway/Router. I installed Debian Sqeeze and Shorewall and configured all. This is a Testing Enviroment.
Hier some Information:
ETH0 = PPP0 (Network or ISP is configured, the Shorewall-pc is able to connect to the internet)
ETH1 = loc (loc is my local network)
DNS(local) = 192.168.88.3
Cannot get it worked, so i guess my problem is NAT because i tried to apply all rules and it still would not work.
The main problem ist to get in the internet with an local PC. My firewall(Shorewall) is able to access in the internet and to my local Network. For example "ICMP" PING works. When i try to ping on a local PC to the internet i have the feeling it gets out, but I get no request.
I guess it can only be two problems:
1. It is not allowed.
2. NAT wount work.
here is a bit of my LOG, maybe the interfaces are wrong configured, but I dont think so:
May 5 20:31:28 FORWARD:REJECT:IN=eth1 OUT=ppp0 SRC=192.168.88.3 DST=220.127.116.11 LEN=66 TOS=0x00 PREC=0x00 TTL=127 ID=20716 PROTO=UDP SPT=52923 DPT=53 LEN=46 May 5 20:31:31 loc2fw:ACCEPT:IN=eth1 OUT= SRC=192.168.88.238 DST=192.168.88.255 LEN=78 TOS=0x00 PREC=0x00 TTL=64 ID=25292 PROTO=UDP SPT=50744 DPT=137 LEN=58
Screenshot of network config:
Bildschirmfoto 2011-05-05 um 20.15.39.jpg
Bildschirmfoto 2011-05-05 um 20.15.47.jpg
Screenshot of Shorewall LOG:
Bildschirmfoto 2011-05-05 um 20.34.45.jpg
Screenshot of Shorewall:
Bildschirmfoto 2011-05-05 um 20.17.29.jpg
Hope somebody got some support for me
EDIT: SOLVED, my eth0 is also my network adapter for DSL Modem. so I defined it "ppp0" or DEBIAN defined it. The Shorewall /interfaces was wrong configured. I did not need to define "eth0" I just have to use "ppp0".
That was the last thing on my mind, but I recognized it as I saw a different Debian Documentation for Firewalls.
Last edited by mrd23; 05-06-2011 at 03:31 PM.