[Shorewall-newbies] Probelm with DNAT (Portforwarding)

Tom Eastep teastep at shorewall.net
Sun Jan 4 17:33:55 PST 2004

On Mon, 5 Jan 2004, Roger Zueger wrote:

> DNAT:info       net     loc:  tcp     80      -
> If I try to connect (from the internet [net]) my internal www-server the
> firewall write the following line in  syslog:
> Jan  5 00:42:30 net_dnat:DNAT:IN=eth0 OUT= SRC=
> DST= LEN=60 TOS=0x10 PREC=0x00 TTL=53 ID=47877 DF PROTO=TCP
> SPT=10459 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0
> But no connection will be etablished. I don't know why, because if I try to
> connect my webserver from the firewall [fw] it works perfekt! I'm using
> shorewall 1.4.8 on a debian 3.0 (woody) system with kernel 2.4.18.

You have completed the first step in diagnosing port forwarding problems.
Please see FAQs 1a and 1b for more things to check.

Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net

More information about the Shorewall-newbies mailing list