Firewall Setup / Shoreline

Karl-Heinz Schulz karlheinz at khschulz.com
Sat Nov 24 04:38:50 UTC 2007 

Yes -  I want to access the firewall machine from the outside/

-----Original Message-----
From: ubuntu-users-bounces at lists.ubuntu.com
[mailto:ubuntu-users-bounces at lists.ubuntu.com] On Behalf Of Bruce Marshall
Sent: Friday, November 23, 2007 6:32 PM
To: ubuntu-users at lists.ubuntu.com
Subject: Re: Firewall Setup / Shoreline

On Friday 23 November 2007, Karl-Heinz Schulz wrote:
> I have followed the tutorial to set up the firewall (shoreline) but I
> still cannot my box from the outside via http or ssh/
>
> The output of the shoreline test shows
> -----------------------------------------------------------------
> Checking...
> Initializing...
> Determining Zones...
>    IPv4 Zones: net loc
>    Firewall Zone: fw
> Validating interfaces file...
> Validating hosts file...
> Pre-processing Actions...
>    Pre-processing /usr/share/shorewall/action.Drop...
>    Pre-processing /usr/share/shorewall/action.Reject...
> Validating Policy file...
> Determining Hosts in Zones...
>    net Zone: eth0:0.0.0.0/0
>    WARNING: Zone loc is empty
> Deleting user chains...
> Checking /etc/shorewall/routestopped ...
> Creating Interface Chains...
> Checking Common Rules
> Adding Anti-smurf Rules
> Enabling RFC1918 Filtering
> Checking TCP Flags checking...
> Checking Kernel Route Filtering...
> Checking Martian Logging...
> Compiling IP Forwarding...
> Checking /etc/shorewall/rules...
> Checking Actions...
> Checking /usr/share/shorewall/action.Drop for Chain Drop...
> Checking /usr/share/shorewall/action.Reject for Chain Reject...
> Checking /etc/shorewall/policy...
> Checking Traffic Control Rules...
> Checking Rule Activation...
> Shorewall configuration verified
>
> .. your firewall configuration looks OK.
> -----------------------------------------------------------------
>
> the output of my rules are
>
> # PORT PORT(S) DEST LIMIT GROUP
> ACCEPT  net     $FW     icmp    8
> ACCEPT  $FW     net     icmp
> ACCEPT net fw tcp ssh,www,https,smtp,pop3,pop3s,imap2,imaps,submi
> ssion
> ACCEPT  net     $FW     udp     https
>
> and of my zones:
>
> fw      firewall
> net     ipv4                            #
> loc     ipv4
>
>
> What am I missing?
>
> TIA

Is your  firewall machine the one you want to talk to?   or do you want to 
talk to some other machine on your LAN?



-- 
ubuntu-users mailing list
ubuntu-users at lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-users
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4244 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/ubuntu-users/attachments/20071123/06019216/attachment.bin>

More information about the ubuntu-users mailing list