Brian brianbreedlove at hotmail.com
Tue Oct 5 17:13:52 PDT 2004

Hello, I recently set up Shorewall 2.0.9 on a RedHat 9 machine using the
two-interface quick start guide.

ip addr show:

1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet brd scope host lo
2: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:20:ed:76:dc:82 brd ff:ff:ff:ff:ff:ff
3: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    link/ether 00:90:cc:82:50:16 brd ff:ff:ff:ff:ff:ff
    inet brd scope global eth1
4: ppp0: <POINTOPOINT,MULTICAST,NOARP,UP> mtu 1454 qdisc pfifo_fast qlen 3
    inet peer scope global ppp0

ip route show:

dev ppp0  proto kernel  scope link  src
dev eth1  scope link
dev eth1  scope link
dev lo  scope link
default via dev ppp0

Now to my problem...  I am trying to get radmin 2.1 working.  I have an odd
setup, meaning that the client computer is behind a proxy and does TCP using
httport->htthost proxy tunneling.  This all works and I can connect to my
Linux computer, but I cannot connect to my Windows computer.  I inserted the
following rule:

DNAT  net   loc:  tcp 4899

Before, I used a Corega router and only needed to open this port.  It was
slow through the proxy tunnel, but it worked.  Now, I get a client I/O error
saying that there may be IP filtering by the computer I am trying to connect
to.  However, the only filtering would be with Shorewall.  Do I need another
rule to allow the connection?



