[Shorewall-newbies] Realplayer not working

Francesca C Smith fsmith at ladylinux.com
Fri Dec 5 18:37:52 PST 2003

Ok I am starting to see the issue

At 05:49 AM 12/5/2003, you wrote:
>net     ppp0    detect
>wlan    wlan0   detect  dhcp

>loc     eth1    detect

Ok .. This is fine .. Except One Caveat Listed Below

>wlan            net             ACCEPT          -
>loc             net             ACCEPT          -
>$FW             all             ACCEPT          -
>net     all     DROP    info
>all     all     REJECT  info

Ok .. This is fine also

>DROP:info       net     all     tcp     -       -
>DROP:info       net     all     udp     -       -
>DNAT:info       net     wlan:        udp
>1271,6790:7170,7070,7071        -
>ACCEPT  wlan:~00-09-5B-12-35-54 $FW     tcp     ssh,https,www,10000,3306
>    -
>ACCEPT  wlan:~00-09-5B-12-35-54 $FW     udp     ssh,https,www,10000,3306
>    -

Heres where it gets screwy ..

Lose (These Are Duplicates of the entries in your policy file)

DROP:info       net     all     tcp     -       -
DROP:info       net     all     udp     -       -

You don't need Inbound rules with Real .. Unless you like real pop-ups

Lose ( You Use DHCP With That Laptop Right .. You Are Binding It To A 
Gateway address I figure ... And When You Use 6790:7170 it covers 7070 and 

DNAT:info       net     wlan:        udp 

I am assuming that the wlan:~ listings are the interface on your debian 
client .. If so they should be ok for Firewall maintenace .. although 
ssh,https,www,10000(webmin) don't use UDP so you can remove those entrys . 
I am not sure what 3306 is ..

ppp0    eth1
ppp0    wlan0

This is wrong .. the second masq entry should be

ppp0    wlan

Couple more questions .. where are you getting DNS from with the client and 
can you send me your routing entrys for the shorewall box



"No Problems Only Solutions"
Francesca C. Smith
Lady Linux Internet Services
fsmith at ladylinux.com

More information about the Shorewall-newbies mailing list