[Shorewall-newbies] Shorewall + portsentry restart causing NAT to fail

Ow Mun Heng ow.mun.heng at wdc.com
Tue Jan 27 15:11:47 PST 2004


Shorewall version 1.4.7
iptables 1.2.7a
RH9 + Kernel 2.4.24

Hi,

	Just curious, I see that my NAT tends to hang while portsentry
restarts (to logrotate, I presume) and I also see the corresponding
"iptables restart".

I would need to do a /sbin/service shorewall restart to get things moving
again.

I should've done an iptables -L to determine if shorewall (rules) is
actually flushed, but I didn't. So, this is my other alternative.

So.. are the rules flushed? If so, how can I get portsentry to talk to
shorewall or whatever, so that whenever they decide to restart, shorewall
gets restarted as well??


BTW, does shorewall stop raw TCP packets even for root? I find that I need
to stop shorewall to do nmap ip_address.



Cheers,                                                 .^.
Mun Heng, Ow                                            /V\
H/M Engineering                                       /(   )\
Western Digital M'sia                                  ^^-^^
DID : 03-7870 5168                          The Linux Advocate

        

