Menu
▾
▴
Re: [Shorewall-users] Route problem?
|
From: Tom E. <te...@sh...> - 2002-10-29 18:58:16
|
David Silva wrote: > Hello! > > What this log could tell me to find a solution? > > "Oct 29 13:21:05 nordy kernel: Shorewall:all2all:REJECT:IN=eth2 OUT=eth0 > SRC=192.168.1.2 DST=64.xxx.xxx.xxx LEN=117 TOS=0x00 PREC=0x00 TTL=63 > ID=0 DF PROTO=UDP SPT=33146 DPT=161 LEN=97 " > > eth2 is my dmz interface at firewall and eth0 is my Internet interface. > I can ping from dmz server to eth0, but not to Internet. It's a route > problem or it could be a erro at my rules? > In the future, please refer to http://www.shorewall.net/FAQ.htm#faq17 -- it will tell you why this particular message is being issued. In your case, you need an SNMP rule from the dmz zone to the net zone. You can interpret the above message with the help of the information at http://www.shorewall.net/troubleshoot.htm. Finally, if you want to be able to ping from the dmz to the net you have to enable it. I'm sorry but I don't have the time to walk you through ping configuration right now. -Tom -- Tom Eastep \ Shorewall - iptables made easy AIM: tmeastep \ http://www.shorewall.net ICQ: #60745924 \ te...@sh... |