[Shorewall-users] Shorewall not recognizing 'fw'?

Tom Eastep teastep@shorewall.net
Tue, 29 Jan 2002 06:38:50 -0800


On Tuesday 29 January 2002 04:28 am, Jim Hubbard wrote:
> > -----Original Message-----
> > From: shorewall-users-admin@shorewall.net
> > [mailto:shorewall-users-admin@shorewall.net]On Behalf Of FancyLad
> > Sent: Monday, January 28, 2002 8:30 PM
> > To: shorewall-users@shorewall.net
> > Subject: [Shorewall-users] Shorewall not recognizing 'fw'?
> >
> >
> > ./zones
> > net     Net             Internet loc     Local           Local networ=
ks
> > dmz     DMZ             Demilitarized zone
> >
> >
> > ./policy
> > loc             all             ACCEPT
> > fw              all             ACCEPT
> > net             all             DROP            info
> > all             all             REJECT          info
> >
> > It's apparent that it's being dropped because it's matching the all2a=
ll
> > chain, but shouldn't it match the loc2fw chain?  10.0.0.2 is my win b=
ox
> > and 10.0.0.1 is my shorewall box.
>
> Maybe I'm wrong here, but don't you need the loc zone defined in ./zone=
s?

The problem here turned out to be that the original poster misunderstood =
the=20
way that install.sh works on upgrade. He thought it would overwrite exist=
ing=20
config files which it does not.

-Tom
--=20
Tom Eastep    \ A Firewall for Linux 2.4.*
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net