On Thu, Jan 19, 2023 at 08:28:00AM -0700, Shorewall via Shorewall-users wrote: > On 2023-01-18 23:52, Simon Matter wrote: > > Hi, > > > > > I am trying to route traffic from LOC to a network I have configured in > > > the routes file. > > > Everything in LOC has the firewall running shorewall configured as the > Default Gateway. Also, as mentioned in the original post with the entry in > the routes file routing works as expected from the firewall. Also mentioned > in the original post, is when everything is allowed in shorewall via the > entry in the policy file, everything routes as expected from the LOC > network. To me this says that "routing" works but the firewall is blocking. > I may be wrong, but that is the assumption I am making since I have actually > made a connection from LOC to the network exposed in kubernetes network. I > am assuming I need a RULE to allow the traffic to pass, but since the > kubernete network is not a ZONE, I am not really sure how that would look.
Find where your kernel logfile is (/v/l/messages?) and see what it says when the packets are being rejected. It ought to indicate the source and dest zones. Add the necesary things to ./rules. If you're trying to connect loc=>loc, then you need "routeback" If there's really no zone for it, maybe that's itself the problem. -- Justin _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
