On Thu, Jan 19, 2023 at 08:28:00AM -0700, Shorewall via Shorewall-users wrote:
> On 2023-01-18 23:52, Simon Matter wrote:
> > Hi,
> > 
> > > I am trying to route traffic from LOC to a network I have configured in
> > > the routes file.
> > 
> Everything in LOC has the firewall running shorewall configured as the
> Default Gateway.  Also, as mentioned in the original post with the entry in
> the routes file routing works as expected from the firewall.  Also mentioned
> in the original post, is when everything is allowed in shorewall via the
> entry in the policy file, everything routes as expected from the LOC
> network.  To me this says that "routing" works but the firewall is blocking.
> I may be wrong, but that is the assumption I am making since I have actually
> made a connection from LOC to the network exposed in kubernetes network.  I
> am assuming I need a RULE to allow the traffic to pass, but since the
> kubernete network is not a ZONE, I am not really sure how that would look.

Find where your kernel logfile is (/v/l/messages?) and see what it says
when the packets are being rejected.  It ought to indicate the source
and dest zones.  Add the necesary things to ./rules.

If you're trying to connect loc=>loc, then you need "routeback"

If there's really no zone for it, maybe that's itself the problem.

-- 
Justin


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Reply via email to