[Shorewall-users] Port forwarding to network zone and tunneling advice

Tom Eastep teastep at shorewall.net
Mon Dec 15 18:32:51 PST 2003

On Mon, 15 Dec 2003, Dark Ryder wrote:

> On 2003.12.15 17:03:03, Tom Eastep wrote:
> > Apparently -- that wasn't an error but was rather the expected result of 
> > your old rule (that included ":info" after DNAT).
> That doesn't seem to be it; remote clients get a "connection timed out".  I
> pulled the ":info" off to make sure that wasn't it, but clients still get the
> same results (though no entry in the Shorewall log, now).

Of course -- it's the ":info" that generates the message.

> Tested to make sure
> the clients can still connect directly (i.e. that it's not a problem on their
> end), but that's all still okay.

What does "shorewall show connections" look like WRT the client's 
connection while this is going on?

Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net

More information about the Shorewall-users mailing list