[Shorewall-users] Is working only inside eth1...
teastep at shorewall.net
Sat Apr 3 13:51:05 PST 2004
Mauricio Cavalcanti wrote:
> Sorry twice. When i told the problem to administrator and that i was
> thinking to put in
> list to get help, he ask me to fake ip addresses. Really sorry.
> ETH0: external interface and ip address 126.96.36.199
> ETH1: internal interface and ip address 188.8.131.52
> So, loc:184.108.40.206 is right, but fw:220.127.116.11 is a crazy thing.
No -- loc:18.104.22.168 is nonsense if 22.214.171.124 the address of an
interface on the firewall. All IP addresses owned by the firewall are in
the fw zone!
> 126.96.36.199 is a e-mail (smtp and pop) and http (webmail) server.
> All of services must run in eth1 ip address (don´t ask me why, but have
I don't understand what that means.
> If i´m in firewall console, i ping everything (eth0, eth1, inside
> network and internet).
> If i´m in Windows machine connected to eth1, i ping eth0 and eth1
> firewall interfaces,
> but i cannot see or ping internet until i put "eth1 eth0" line in masq
> files and reload
> shorewall. That´s why i think it´s not a router, but a firewall problem.
No, it is *not* a firewall problem. Adding SNAT compensates for routing
> Nobody in internet see eth1, but ping eth0.
It's a routing problem.
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep at shorewall.net
More information about the Shorewall-users