Config shorewall-two-interface question

satimis · 11-04-2003, 10:32 AM

Hi folks,

RH9
Shorewall-1.4.7
two-interface
Quickstart guides and
http://www.shorewall.net/PPTP.htm
===========
Hardware config
PC1
eth0 connected to broadband via ADSL modem
eth1 connected to PC2 via a crossover cable

PC2
eth0 connected to eth1 of PC@ for broadband sharing
(not connected yet)

Can any folk assist me to understand why uncomment following line on /etc/shorewall/policy
#all all REJECT info

resulting in PC1 cut off from Internet

Hereinbelow are the respective config files
/etc/shorewall/policy
#SOURCE DEST POLICY LOG LEVEL
loc net ACCEPT
fw net ACCEPT
net all DROP info
#all all REJECT info

/etc/shorewall/zone
#ZONE DISPLAY COMMENTS
modem modem ADSL Modem
net Net Internet
loc Local Local Networks
#dmz DMZ Demilitarized zone

/etc/shorewall/tunnels
# TYPE ZONE GATEWAY GATEWAY
pptpclient modem 192.168.1.1

/etc/shorewall/rules
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER
ACCEPT fw net tcp 53
ACCEPT fw net udp 53
ACCEPT loc fw tcp 22
ACCEPT loc fw icmp 8
ACCEPT net fw icmp 8
ACCEPT fw loc icmp 8
ACCEPT fw net icmp 8

/etc/shorewall/interfaces
#ZONE INTERFACE BROADCAST OPTIONS
#net eth0 "-" dhcp,routefilter,norfc1918
loc eth1 detect
modem eth0 192.168.1.255 dhcp

Thanks in advance.

B.R.
satimis