Hi gang, I've got a problem with shorewall, it keeps dropping packets when it should be DNATing them. I want all connections on a tcp port 4662 to be forwarded to a machine on my network (192.168.0.5) - the port is used for mldonkey (P2P app). It seems to be partially working - loads of packets are being DNAT'ed but some are not - I cant figure out why! The firewall (192.168.0.1) is running RH9 with kernel 2.4.20-8, iptables v1.2.7a and shorewall version 1.4.6a Line in /etc/shorewall/rules... DNAT net loc:192.168.0.5 tcp 4662 but here's the bit in /var/log/messages that says its dropping packets.... Nov 11 01:11:49 potchin kernel: Shorewall:logdrop:DROP:IN=ppp0 OUT=eth0 SRC=201.128.9.30 DST=192.168.0.5 LEN=48 TOS=0x00 PREC=0x00 TTL=113 ID=6299 DF PROTO=TCP SPT=3187 DPT=4662 WINDOW=16384 RES=0x00 SYN URGP=0 One thing I did think about was my external interface - its an ADSL connection with a dynamic IP that is occasionally dropped for IP renewal. I have not set the firewall to restart or anything when the IP does change - I dont think it need to. I'm no guru on firewalls and haven't really fiddled with the default settings that much so not sure what else you might need. If you need to see some more config files then I can put them online if it helps. As always, all suggestions welcome. Regards Jeff -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
