[Shorewall-newbies] nat works kinda

Tom Eastep teastep at shorewall.net
Wed Mar 3 15:27:01 PST 2004

On Wednesday 03 March 2004 02:31 pm, Raymond Norton wrote:
> I have a school tech that I am helping resolve a Nat problem. I know this
> is not a desired setup, but he is doing a public to private Nat on his loc
> zone. We cannot access any services via the public IP.
>  This is what I have:
> Nat file =     66.x.x.x    eth0    yes no ( have tried yes
> yes, and leaving it blank)
> .
> I can ping the public IP from the net and the firewall.
> I can bring up the web site of the server from the private  IP side, but
> not from the net.
> When I tail -f /var/log/messages it does not show any rejects or info when
> trying to access port 80 on the public IP.
> After a ping to the public IP from the net "shorewall show nat" displays:
> pkts bytes target prot opt in out source destination
> 5 284 DNAT all -- * * 66.x.x.x to:
> Any ideas what I am missing?

Incorrect default gateway on

Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net

More information about the Shorewall-newbies mailing list