LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 06-04-2012, 02:54 AM   #1
y0_gesh
LQ Newbie
 
Registered: Nov 2011
Posts: 11

Rep: Reputation: Disabled
Unhappy Shorewall Routing Rules?


I have a file server in subnet 192.168.2.0. This is subnet A. Subnet B is 172.16.1.0.

A can access B whereas B cannot access A.

How can i configure my shorewall to allow computers in subnet B to get access only to the file server in subnet A.
 
Old 06-05-2012, 08:59 AM   #2
Noway2
Senior Member
 
Registered: Jul 2007
Distribution: Ubuntu 10.10, Slackware 64-current
Posts: 2,124

Rep: Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776Reputation: 776
This sounds like you need some form of reflexive NAT rule. What is curious is that one subnet can access the other. Does this one subnet perchance have a router associated with it that knows how to get to the other range and is doing some form of address translation?

To try to summarize, your Shorewall will need to know how to translate traffic from one zone, which it may try to route to the 'public' interface and reflect this back to the private interface of the other zone, while providing address translation to the new zone. I don't know the commands to tell you specifically how to do this in Shorewall (as I use a different security appliance), but I had to create some rules to this effect.
 
  


Reply

Tags
firewall, routing, shorewall


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
shorewall rules jindalarpan Linux - Software 1 04-13-2008 06:27 PM
rules.drakx in /etc/shorewall ferrel Mandriva 1 06-21-2007 12:00 AM
shorewall config question with /etc/shorewall/rules peter72 Linux - Networking 3 01-01-2007 10:33 PM
Shorewall .....rules or tos? matthewa Linux - Security 3 06-26-2005 02:57 PM
Shorewall policies + rules richlawson Linux - Networking 2 06-29-2003 12:35 PM


All times are GMT -5. The time now is 01:12 PM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration