Shorewall for web server?
tim at birdsnest.maths.tcd.ie
Mon Dec 26 12:45:21 UTC 2005
I have shorewall working perfectly on my little home LAN,
using the two-interfaces configuration
Now I'd like to allow access to a web-server (httpd)
on my shorewall machine - a desktop computer
connected to the internet through an ADSL modem.
I'm finding this surprisingly difficult;
I've added the two lines
DNAT net loc:192.168.1.1 tcp 80 - 126.96.36.199
DNAT net loc:192.168.1.1 tcp www
to the shorewall rules (and re-started shorewall and httpd)
but when I try to access the web-server from outside
I get many warnings in /var/log/messages of the form
Dec 26 10:13:47 alfred kernel: Shorewall:net2all:DROP:IN=ppp0 OUT=
MAC= SRC=188.8.131.52 DST=184.108.40.206 LEN=48 TOS=0x00 PREC=0x00
TTL=117 ID=58867 DF PROTO=TCP SPT=3849 DPT=1433
WINDOW=16384 RES=0x00 SYN URGP=0
I attach the output of iptables -L .
Any advice or suggestions gratefully received;
in particular if anyone is running shorewall in a similar setup
I should be most grateful to see their /etc/shorewall/rules file.
e-mail (<80k only): tim /at/ birdsnest.maths.tcd.ie
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
More information about the fedora-list