Hi
I am setting up shorewall as my router but currently I can't connect to
anything on the `net` from machines on `loc`. I am running shorewall
5.0.15.6-1 on armbian, kernel 4.14.14, aarch64.
Things I checked:
* I can access stuff on the `net` just fine from the firewall
* I set IP_FORWARDING=Yes in /etc/shorewall/shorewall.conf.
I can connect from the `net` to the `fw`. I have dnsmasq on the firewall
and I am currently getting proper DHCP and DNS. I can ping both the (fw)
LAN address (192.168.2.1) and the WAN address (192.168.1.113) from the
machines on `loc`.
The firewall can access the internet properly, but anything on `loc` just gets
the packets (tcp, udp, icmp) dropped.
I am missing `/etc/shorewall/masq` but it was not provided in
`/usr/share/doc/shorewall/examples` by the Debian package.
My interfaces file
net wan dhcp,tcpflags,nosmurfs,routefilter,logmartians,sourceroute=0
loc lan0 dhcp,tcpflags,nosmurfs,routefilter,logmartians
=====================
On my rules I have
ACCEPT loc net tcp
ACCEPT loc net udp
ACCEPT loc net icmp
ACCEPT $FW loc all
======================
Policy (default)
loc net ACCEPT
net all DROP info
# THE FOLLOWING POLICY MUST BE LAST
all all REJECT info
What am I doing wrong?
Also - I am not getting anything on /var/log/messages - no idea why, even
tried to do `shorewall debug restart` but no dice.
David
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users