[Shorewall-newbies] RealPlayer and Shorewall- Getting closer

Oliver Ertl 76729 at gmx.de
Sat Dec 6 18:14:28 PST 2003


Hi,

I figured out, the the packets are arriving at the net_dnat chain on the
router.
But the Router/Firewall is not forwarding the packets to the client.

I hope you could help me to find out the problem.

Oliver


Here is a output of 'shorewall show nat' and also my Routing table:

# shorewall show nat
Shorewall-1.4.8 NAT at Router - Sat Dec  6 18:10:14 CET 2003

Counters reset Sat Dec  6 18:04:37 CET 2003

Chain PREROUTING (policy ACCEPT 171 packets, 10529 bytes)
 pkts bytes target     prot opt in     out     source              
destination         
    4   702 net_dnat   all  --  ppp0   *       0.0.0.0/0           
0.0.0.0/0          

Chain POSTROUTING (policy ACCEPT 1 packets, 520 bytes)
 pkts bytes target     prot opt in     out     source              
destination         
  165  9899 ppp0_masq  all  --  *      ppp0    0.0.0.0/0           
0.0.0.0/0          

Chain OUTPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source              
destination         

Chain net_dnat (1 references)
 pkts bytes target     prot opt in     out     source              
destination         
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0           
217.230.57.58      tcp dpt:554 to:192.168.2.1 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0           
217.230.57.58      tcp dpts:6970:7170 to:192.168.2.1 
    0     0 DNAT       tcp  --  *      *       0.0.0.0/0           
217.230.57.58      tcp dpt:8554 to:192.168.2.1 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0           
217.230.57.58      udp dpt:554 to:192.168.2.1 
    1   520 DNAT       udp  --  *      *       0.0.0.0/0           
217.230.57.58      udp dpts:6970:7170 to:192.168.2.1 
    0     0 DNAT       udp  --  *      *       0.0.0.0/0           
217.230.57.58      udp dpt:8554 to:192.168.2.1 

Chain ppp0_masq (1 references)
 pkts bytes target     prot opt in     out     source              
destination         
  165  9899 MASQUERADE  all  --  *      *       192.168.2.0/24      
0.0.0.0/0          
    0     0 MASQUERADE  all  --  *      *       192.168.3.0/24      
0.0.0.0/0          

# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use
Iface
217.5.98.11     0.0.0.0         255.255.255.255 UH    0      0        0 ppp0
192.168.3.0     0.0.0.0         255.255.255.0   U     0      0        0 eth1
192.168.2.0     0.0.0.0         255.255.255.0   U     0      0        0
wlan0
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
0.0.0.0         217.5.98.11     0.0.0.0         UG    0      0        0 ppp0

-- 
Einfach Leben ist nicht genug, sagte der
Schmetterling. Man braucht Sonnenschein,
Freiheit und kleine Blumen. (Anderson)

+++ GMX - die erste Adresse für Mail, Message, More +++
Neu: Preissenkung für MMS und FreeMMS! http://www.gmx.net




More information about the Shorewall-newbies mailing list