| Home | Register | Members | Search | Links |
 |
| Thread Tools | Display Modes |
|
Guest
Posts: n/a
|
Hi gang,
I've got a problem with shorewall, it keeps dropping packets when it should be DNATing them. I want all connections on a tcp port 4662 to be forwarded to a machine on my network (192.168.0.5) - the port is used for mldonkey (P2P app). It seems to be partially working - loads of packets are being DNAT'ed but some are not - I cant figure out why! The firewall (192.168.0.1) is running RH9 with kernel 2.4.20-8, iptables v1.2.7a and shorewall version 1.4.6a Line in /etc/shorewall/rules... DNAT net loc:192.168.0.5 tcp 4662 but here's the bit in /var/log/messages that says its dropping packets.... Nov 11 01:11:49 potchin kernel: Shorewall:logdrop  ROP:IN=ppp0 OUT=eth0SRC=201.128.9.30 DST=192.168.0.5 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=6299 DF PROTO=TCP SPT=3187 DPT=4662 WINDOW=16384 RES=0x00 SYN URGP=0 One thing I did think about was my external interface - its an ADSL connection with a dynamic IP that is occasionally dropped for IP renewal. I have not set the firewall to restart or anything when the IP does change - I dont think it need to. All internal IPs are static. I'm no guru on firewalls and haven't really fiddled with the default settings that much so not sure what else you might need. If you need to see some more config files then I can put them online if it helps. As always, all suggestions welcome. Regards Jeff |
|
|
|
|||
|
|
| |
|
| Thread Tools | |
| Display Modes | |
|
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Shorewall | Kees de Koster | Linux Networking | 3 | 06-29-2005 05:48 AM |
| shorewall and ip-forwarding | no#4me | Linux Networking | 2 | 03-11-2005 05:36 AM |
| Problems with DNAT. | P. Kenter | Linux Networking | 3 | 03-04-2005 04:07 PM |
| shorewall and tuntap | Javen Thyme | Linux Networking | 0 | 04-02-2004 03:17 AM |
| Shorewall woes... | Eugene van Rooyen | Linux Networking | 0 | 07-01-2003 12:00 PM |
Linear Mode
