Discussion:
[Shorewall-users] shorewall-5.1.4.4 won't masquerade
Grant
2017-07-20 22:54:01 UTC
Permalink
My masquerade config is simple exactly like Example 1 here:

http://shorewall.org/manpages/shorewall-masq.html

It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?

- Grant
Simon Matter
2017-07-21 03:42:50 UTC
Permalink
Post by Grant
http://shorewall.org/manpages/shorewall-masq.html
It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?
Hi,

I think you have to update your config because it now uses the snat file
instead of masq.

Regards,
Simon
Grant
2017-07-21 14:32:55 UTC
Permalink
Post by Simon Matter
Post by Grant
http://shorewall.org/manpages/shorewall-masq.html
It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?
Hi,
I think you have to update your config because it now uses the snat file
instead of masq.
I was sure this would do it but it isn't masquerading after rebooting
the router. I used Example 1 here:

http://shorewall.net/manpages/shorewall-snat.html

- Grant
Tom Eastep
2017-07-21 03:51:33 UTC
Permalink
Post by Grant
http://shorewall.org/manpages/shorewall-masq.html
It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?
If you

shorewall update

does it then work?

-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
Grant
2017-07-21 14:33:29 UTC
Permalink
Post by Tom Eastep
Post by Grant
http://shorewall.org/manpages/shorewall-masq.html
It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?
If you
shorewall update
does it then work?
Can I see the changes it wants to make without writing them?

- Grant
Tom Eastep
2017-07-21 15:42:16 UTC
Permalink
Post by Grant
Post by Tom Eastep
Post by Grant
http://shorewall.org/manpages/shorewall-masq.html
It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?
If you
shorewall update
does it then work?
Can I see the changes it wants to make without writing them?
No -- but each file that is changed has the original saved in a .bak file.

-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
Grant
2017-07-21 18:39:38 UTC
Permalink
Post by Tom Eastep
Post by Grant
Post by Tom Eastep
Post by Grant
http://shorewall.org/manpages/shorewall-masq.html
It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?
If you
shorewall update
does it then work?
Can I see the changes it wants to make without writing them?
No -- but each file that is changed has the original saved in a .bak file.
I just ran shorewall update and restarted shorewall but masquerade
still doesn't work. Could kernel requirements have changed?

- Grant
Tom Eastep
2017-07-21 20:12:59 UTC
Permalink
Post by Grant
Post by Tom Eastep
Post by Grant
Post by Tom Eastep
Post by Grant
http://shorewall.org/manpages/shorewall-masq.html
It has worked for a very long time and works on 5.0.15.6 but not on
5.1.4.4 or 5.1.5. Any ideas?
If you
shorewall update
does it then work?
Can I see the changes it wants to make without writing them?
No -- but each file that is changed has the original saved in a .bak file.
I just ran shorewall update and restarted shorewall but masquerade
still doesn't work. Could kernel requirements have changed?
I doubt it -- please forward the output of 'shorewall dump' and I'll
take a look.

Thanks,
-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
Tom Eastep
2017-07-21 22:42:35 UTC
Permalink
Hi Tom, I'm sending this email to you directly. I greatly appreciate
you taking a look at my log but please don't post any of its private
info to the list.
You need to set IP_FORWARDING=Yes in shorewall.conf.

-Tom
--
Tom Eastep \ Q: What do you get when you cross a mobster with
Shoreline, \ an international standard?
Washington, USA \ A: Someone who makes you an offer you can't
http://shorewall.org \ understand
\_______________________________________________
Grant
2017-07-21 23:19:15 UTC
Permalink
Post by Tom Eastep
Hi Tom, I'm sending this email to you directly. I greatly appreciate
you taking a look at my log but please don't post any of its private
info to the list.
You need to set IP_FORWARDING=Yes in shorewall.conf.
Fixed! Thanks and sorry!

- Grant

Continue reading on narkive:
Search results for '[Shorewall-users] shorewall-5.1.4.4 won't masquerade' (Questions and Answers)
9
replies
what is firewall?
started 2007-02-05 22:32:48 UTC
computer networking
Loading...