Re: Using shorewall

[john <johnsong@kos.net>]

-----Original Message-----
From: Beeman <beemanp78@gmail.com>
To: debian-firewall@lists.debian.org
Subject: Re: Using shorewall
Date: Thu, 12 Feb 2009 16:12:39 -0800
Mailer: Thunderbird 2.0.0.19 (Windows/20081209)

Try tossing a copy of webmin on your box. I find the shorewall plugin to
be helpful. Paolo is right, the interfaces need to be initialized
in /etc/network/interfaces. If you dig through the init scripts, you'll
find this script is called before the typical firewall script. Now I
don't recall if shorewall tries to own that or not. Have to check the
docs.

-sp

Paolo wrote: 
> On Thu, Feb 12, 2009 at 03:05:14PM -0500, john wrote:
> ...
>   
> > I have set up shorewall with eth0 going to my existing d-link router.
> > eth1 and eth2 are planned for a dmz and a loc. I have used the setup and
> >     
> 
> what's your final /etc/network/interfaces ?
> what do ifconfig(8) or ip(8) report?
> 
>   
> > lines from /var/log/shorewall-init.log):
> > 
> > Setting up masquerading/SNAT....
> >   ERROR: Unable to determine routes through interface "eth1"
> >     
> 
> perhaps some more log line would help ? ...
> 
>   
-- To UNSUBSCRIBE, email to debian-firewall-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact
listmaster@lists.debian.org


Thanks to both of you for the help - you have given me some pointers to
try over this weekend. I'll report back with the solution or more
questions.


John