teastep at shorewall.net
Tue Oct 21 11:12:08 PDT 2003
On Tue, 2003-10-21 at 09:51, Steve Postma wrote:
> The DNAT from the loc zone seems to not be working
> correctly. If I make a web request from the loc zone with a sniffer in both
> loc and dmz, I can see the request in both zones but the reply in only the
> dmz. The packets returning to loc seem to be getting dropped inbetween
> zones. There is nothing in /var/log/messages. DNAT's from the net zone are
> passing traffic. I tried a shorewall restart, no change to the loc problem.
> Any ideas ?
Are the replies in the DMZ being sent to the proper host (is the
destination MAC address that of the firewall's DMZ interface)?
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-users