Hill, John
2016-08-04 16:08:59 UTC
I did check the FAQ.
I know the rules :) (I may not have followed them?)
I could see the protocol 47 hit the firewall. It just never got to my internal server
All I had done was upgrade and dist-upgrade from Wheezy to Jessie. It was working on Wheezy?
In the process moving unexpectedly from SysV to Systemd. I was not aware SysV was broke?
Reinstalled Shorewall, samething.
I rewrote the DNAT rule to redirect from only one interface and it works.
OLD: DNAT net local:192.168.xxx.xx x tcp 1723
DNAT net local:192.168.xxx.xxx 47
NEW:DNAT net local:192.168.xxx.xx x tcp 1723 - 12.xxx.xxx.xxx
DNAT net local:192.168.xxx.xxx 47 - - 12.xxx.xxx.xxx
I was planning on moving VPN traffic to this interface exclusively anyway.
I'm going over my configurations to see where I might have it screwed up.
Shorewall has always performed for me. Great product, tons of effort on your part.
Just reading the docs and FAQ's supply lessons in networking.
Thank you Tom.
--john hill
I know the rules :) (I may not have followed them?)
I could see the protocol 47 hit the firewall. It just never got to my internal server
All I had done was upgrade and dist-upgrade from Wheezy to Jessie. It was working on Wheezy?
In the process moving unexpectedly from SysV to Systemd. I was not aware SysV was broke?
Reinstalled Shorewall, samething.
I rewrote the DNAT rule to redirect from only one interface and it works.
OLD: DNAT net local:192.168.xxx.xx x tcp 1723
DNAT net local:192.168.xxx.xxx 47
NEW:DNAT net local:192.168.xxx.xx x tcp 1723 - 12.xxx.xxx.xxx
DNAT net local:192.168.xxx.xxx 47 - - 12.xxx.xxx.xxx
I was planning on moving VPN traffic to this interface exclusively anyway.
I'm going over my configurations to see where I might have it screwed up.
Shorewall has always performed for me. Great product, tons of effort on your part.
Just reading the docs and FAQ's supply lessons in networking.
Thank you Tom.
--john hill