[Shorewall-users] Question for port opening

Chung chungip at hkiworld.com
Thu Jun 26 19:23:48 PDT 2003


Dear Support,
    I've installed shorewall 1.4.5 on Redhat 7.3. My server has 2 Ethernet cards (eth0, eth1). eth0 is for WAN and can connect directly to the ADSL router.
The ADSL router is for NAT. The ADSL has a fixed IP "A" and DMZ to 192.168.0.1 (eth0). (192.168.0.3) eth1 is connected to a hub for the local LAN.
My local LAN goes through eth1 and then to eth0 for internet access.


I want to release ports 21 and 25 from WAN to my server. Other ports I need to reject.

I set "loc" and "net" in the "zone" file.

And the policy is set:

loc    net    ACCEPT
net    loc    DROP
all    all    REJECT

The rules file is set:

ACCEPT    net    loc    tcp    21
ACCEPT    net    loc    tcp    25

After all the configuration, I test telnet to 21 and 25 and they are rejected.

Then I change the policy setting:


all    all    ACCEPT

I can telnet to 21 and 25, but other ports can also connect (for example 110).


What should I do?

Thank you for your help asap

Best Regards

Mr Chung Yip






