Menu
▾
▴
Re: [Shorewall-users] logging router running shorewall in the DMZ VM in NAT mode running behind
|
From: Tom E. <te...@sh...> - 2017-05-14 23:41:09
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 05/14/2017 10:07 AM, Zenny wrote: > Hi, > > I appended "*.* @@<IP_of_LocalVM_in_NATted_DMZ>:514" in the router > running shorewall so that I can centralize logging, but it does > not log, although port 514 has been DNATed to the local DMZ VM in > shorewall rules. However, logging from all other shorewall > firewall from remote instances works with "*.* @@<Public IP with > shorewall host>:514. > > Is there a specific rule need to be added for such scenario? Inputs > appreciated! > You need to open port 514 from the fw do the DMZ VM. - -Tom - -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJZGOsMAAoJEJbms/JCOk0QsskQAJVWfsMOYFTO7zTJMe3QflVo ue2uAaxphZTvJ+Maz/tEH4WC8H/NuBW8LfjiT5Z8tlFNlOOii+DKDXK7Hgqaqw2W IIswMfBAYG//G+kYLi/J7wTYNXHUyN8CXE3MzXisaDtNYrSGVifhQbY8EXOMKZVV tkdaPBvkol9GuROxNLH74bRwpKQOZUwNeYbcbZUxnYF3gwRrQK5kqM3pO5C/iKtf YOBtJypW/MTcvOkSnL1GA1LCWo4PLA26fdIrEeS/PssmsTbev/HE2+/YhpoexOIF lbTz6lln/bCqPOJHi5xWDFGlQt9p1cTk7PcwIf5HeubA47fQp1zWeiH3HBe/YgUX a/KjFKf/Kt7T/+4SZmoNzqQlISBo6BqJEk2c3m25Ik/ldqEfZ6P1yBF0fs27/Ta3 rjAE1iEdkRvfh48luG4e4e9elNGTXf2TgRHKcqzZpL05m34HnWIhaIbqQmigYhDP /4rf0d0KZ8TkfEZfp7iZGXzjWkoM4+parO+nUW3O9gbcGxJqWhCTgCSagi26Cyby +REHdxyvOSdsFnn7GHfrUwkNVYs4D8ruu4rbqAg0mJK9SMf1MVDGPOJf2U2/WSlM tEAuE9oT4rDxnbGlTMX6/LvpHtKZhGctFh3WqV+tSd1zWgfjkntZo/xmmQSa4ndd uDtPcZU+8tF7H8baHAeP =cIf0 -----END PGP SIGNATURE----- |