[Shorewall-newbies] eth1 to eth1 cross network problem

Garrett Johnson garrettj at annalee.com
Tue Jan 20 12:20:16 PST 2004

Sorry my Linux based web email defaults to html. I believe I understand setting however I don't believe this is accessible in the Webmin interface for shorewall.

Here is the original "post".


We have a Three Interface firewall/proxy setup with Shorewall.

eth0-Gigabit/Power Users
eth1-regular users - 100VG anylan
eth2 - Internet Connection -> Internet Router

The firewall is working to the outside and between the interfaces as expected.  However we also have a separate internal network that is routed on eth1 through then to on arcnet then back to on an ethernet network (it's 2000 feet of underground arcnet cable).  From eth0 I can ping and view everything on the network however shorewall is rejecting the connection in the FORWARD chain and the all2all chain.

Jan 20 10:17:16 FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=10.1.1.128 DST= LEN=60 TOS=0x00 PREC=0x00 TTL=127

Jan 20 10:17:59 all2all:REJECT:IN= OUT=eth1 SRC=10.1.1.55 DST=10.1.1.128 LEN=120 TOS=0x00 PREC=0xC0 TTL=64 ID=4392 PROTO=ICMP TYPE=11 CODE=0 [SRC=10.1.1.128 DST=10.1.5.145 LEN=92 TOS=0x00 PREC=0x00 TTL=1 ID=591 PROTO=ICMP TYPE=8 CODE=0 ID=512 SEQ=3840 ]

I have a rule that says any local(eth0,eth1) to any local ACCEPT.

I don't know where I tell the local zone that and are local networks.

I am using the webmin interface to configure shorewall.

Garrett Johnson
MIS Manager
Annalee Mobilitee Dolls, Inc.

---- Msg sent via Annalee Mobilitee Dolls - http://www.annalee.com/
