[Shorewall-newbies] How can I add a zone on a fixed public IP

Eugene Ventimiglia eventi at yahoo.com
Wed Feb 18 12:04:02 PST 2004


I've tried:

Interfaces:
-       eth0    detect  routestopped
srv     eth1    detect  routestopped

Hosts:
ofc             eth0:68.160.198.206
net             eth0:0.0.0.0/0

Policy:
$FW             all             ACCEPT
srv             all             ACCEPT
ofc             all             ACCEPT
net             all             DROP            info

When I try to connect from ofc to srv, I get the following in the log:

Feb 18 10:18:13 mkfrwsrv-nyc001 kernel: Shorewall:net2all:DROP:IN=eth0
OUT=eth1 SRC=68.160.198.206 DST=192.168.3.20 LEN=48 TOS=0x00 PREC=0x00
TTL=117 ID=12213 DF PROTO=TCP SPT=4289 DPT=3389 WINDOW=16384 RES=0x00 SYN
URGP=0

Any suggestions?
--e



More information about the Shorewall-newbies mailing list