Cranky Firewall

Posted by Doug Sat, 05 Feb 2005 18:45:00 GMT

I’ve been wrestling with my firewall last night and today. At home I use a ThinkPad running Debian Linux and Shorewall as my firewall/router. I know I could buy a dedicated firewall/router unit for less than $100; but I really like having full control over my public network interface. For instance I use my ThinkPad to do VPN-like tunneling from my work.

Anyway, for some reason it quit working Thursday night. After more than a few hours of mucking with it, I finally fixed it. Turns out my shorewall configuration had IP_FORWARDING=Keep. This told it to preserve whatever IP forwarding had previously been configured. So apparently, my configuration had enabled IP forwarding at some time outside of shorewall. I don’t know how my IP forwarding got disabled. However, setting IP_FORWARDING=on in my shorewall.conf fixed the problem.

As an added bonus, I got aggravated enough typing in IP addresses of my home LAN that I finally set up an internal DNS. It’s always bothered me typing ssh 10.0.1.1 but never enough to actually do anything. Now I can just type ssh gateway.
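
A diagnostic for the IP_FORWARDING=Keep situation described above, as an added example that is not part of the original post. The function name, the verdict strings and the sample files are assumptions made for illustration; the default paths are the usual Shorewall and Linux locations.

```shell
#!/bin/sh
# Added example: compare Shorewall's IP_FORWARDING setting with the kernel's
# current forwarding state. With Keep, Shorewall neither enables nor disables
# forwarding, so the router works only if something else (for example a
# net.ipv4.ip_forward sysctl setting) has switched it on.

# forwarding_verdict [CONF] [PROCFILE]
# Prints: forced-on | forced-off | keep-currently-on | keep-currently-off | unknown
forwarding_verdict() {
    conf=${1:-/etc/shorewall/shorewall.conf}
    procfile=${2:-/proc/sys/net/ipv4/ip_forward}

    # shorewall.conf is shell syntax: take the last uncommented assignment,
    # drop a trailing comment, quotes and whitespace, then lower-case it.
    setting=$(sed -n 's/^[[:space:]]*IP_FORWARDING=//p' "$conf" | tail -n 1 |
        sed 's/[[:space:]]*#.*$//' | tr -d "\"'[:space:]" |
        tr '[:upper:]' '[:lower:]')
    state=$(cat "$procfile" 2>/dev/null) || state=unreadable

    case "$setting" in
        on)  echo forced-on ;;      # Shorewall enables forwarding at start
        off) echo forced-off ;;     # Shorewall disables forwarding at start
        keep)
            if [ "$state" = 1 ]; then
                echo keep-currently-on    # works, but depends on an outside setting
            else
                echo keep-currently-off   # the failure described in the post
            fi ;;
        *)   echo unknown ;;
    esac
}

# Constructed sample input: Keep in the config, forwarding off in the kernel.
demo_dir=$(mktemp -d)
printf '# constructed sample\nIP_FORWARDING=Keep\n' > "$demo_dir/shorewall.conf"
printf '0\n' > "$demo_dir/ip_forward"
forwarding_verdict "$demo_dir/shorewall.conf" "$demo_dir/ip_forward"
rm -rf "$demo_dir"
```

Called with no arguments on the gateway itself, the function reads the live configuration and kernel state.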


Copyright 2001 - 2005 by Lathi.net and Doug Alcorn
