Re: Stopping the Shorewall firewall stops my Internet connection

To: debian-user@lists.debian.org
Subject: Re: Stopping the Shorewall firewall stops my Internet connection
From: Celejar <celejar@gmail.com>
Date: Sun, 6 Mar 2011 15:01:54 -0500
Message-id: <[🔎] 20110306150154.34364b69.celejar@gmail.com>
In-reply-to: <[🔎] 20110304084812.GC31538@think.homelan>
References: <[🔎] 20110303220800.80cd98ce.jhsu802701@jasonhsu.com> <[🔎] 20110304084812.GC31538@think.homelan>

On Fri, 4 Mar 2011 10:48:12 +0200
Andrei Popescu <andreimpopescu@gmail.com> wrote:

> On Jo, 03 mar 11, 22:08:00, Jason Hsu wrote:
> > 
> > What's going on?  How can turning OFF a firewall block Internet 
> > access?  I thought that the purpose of a firewall is to BLOCK 
> > connections, not MAKE connections.
> 
> Shorewall is not just a firewall (frontend), it can be used to activate 
> the NAT, via the:
> 
> IP_FORWARDING=On
> 
> option in /etc/shorewall/shorewall.conf. It defaults to 'keep', but it's 
> very convenient to use if you already use shorewall.

IIUC (and I actually use a configuration like this with Shorewall),
turning forwarding on just causes Shorewall (or rather, the kernel) to
forward packets, without actually modifying them at all.  To get NAT
modification, you need to write a 'masq' file in Shorewall's config
directory.

Celejar
-- 
foffl.sourceforge.net - Feeds OFFLine, an offline RSS/Atom aggregator
mailmin.sourceforge.net - remote access via secure (OpenPGP) email
ssuds.sourceforge.net - A Simple Sudoku Solver and Generator

Reply to:

References:
- Stopping the Shorewall firewall stops my Internet connection
  - From: Jason Hsu <jhsu802701@jasonhsu.com>
- Re: Stopping the Shorewall firewall stops my Internet connection
  - From: Andrei Popescu <andreimpopescu@gmail.com>

Prev by Date: Assistance for Visually Impaired Student
Next by Date: Re: Xen questions
Previous by thread: Re: Stopping the Shorewall firewall stops my Internet connection
Next by thread: Please help
Index(es):
- Date
- Thread