[Shorewall-users] Question for port opening

Chung chungip at hkiworld.com
Thu Jun 26 19:23:48 PDT 2003

Dear Support,
    I've installed Shorewall 1.4.5 on Redhat 7.3. My server has 2 Ethernet cards (eth0, eth1). eth0 is for WAN and can directly connect to ADSL
 ADSL router is for NAT. The ADSL has a fixed IP "A" and DMZ to  ( eth1 is connected to hub for local
My local LAN goes through eth1 and then to eth0 for internet access.

I want to release ports 21 and 25 from WAN to my server. Other ports I need to reject.

I set "loc" and "net" in the "zone" file.

And the policy is set:

loc    net    ACCEPT
net    loc    DROP
all    all    REJECT

The rules file is set:

ACCEPT    net    loc    tcp    21
ACCEPT    net    loc    tcp    25

After all the configuration, when I test with telnet, 21 and 25 are rejected.

Then I change the policy setting:

all    all    ACCEPT

I can telnet to 21 and 25, but others can also connect (for example 110).

What should I do?

Thank you for your help asap

Best Regards

Mr Chung Yip
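
The following is an added example, not part of the original post and not Shorewall code: a simplified model of how Shorewall checks the rules file first and then falls back to the first matching policy line, run against the configuration posted above. It assumes the FTP and SMTP services run on the firewall host itself, so connections from the WAN are net to "fw" (Shorewall's default firewall zone name) rather than net to loc; the function and variable names are hypothetical.

```python
# Simplified model of Shorewall's decision order (added example, not
# Shorewall code): the rules file is checked first, then the first
# matching line of the policy file decides.

POLICY_POSTED = [                 # policy file from the post, in order
    ("loc", "net", "ACCEPT"),
    ("net", "loc", "DROP"),
    ("all", "all", "REJECT"),
]
POLICY_OPEN = POLICY_POSTED[:2] + [("all", "all", "ACCEPT")]  # second attempt

RULES_POSTED = [                  # rules file from the post
    ("ACCEPT", "net", "loc", "tcp", 21),
    ("ACCEPT", "net", "loc", "tcp", 25),
]
# Assumption: the FTP and SMTP daemons run on the firewall host itself,
# whose zone is "fw" (Shorewall's default firewall zone name).
RULES_FW = [
    ("ACCEPT", "net", "fw", "tcp", 21),
    ("ACCEPT", "net", "fw", "tcp", 25),
]

def decide(rules, policy, src, dst, proto, port):
    """Return the action for a new connection from zone src to zone dst."""
    for action, r_src, r_dst, r_proto, r_port in rules:
        if (r_src, r_dst, r_proto, r_port) == (src, dst, proto, port):
            return action
    for p_src, p_dst, action in policy:
        if p_src in ("all", src) and p_dst in ("all", dst):
            return action
    return "REJECT"  # model-only fallback when no policy line matches

def report():
    """Walk the three configurations for connections from net to fw."""
    cases = [
        ("posted rules, posted policy", RULES_POSTED, POLICY_POSTED),
        ("posted rules, all/all ACCEPT", RULES_POSTED, POLICY_OPEN),
        ("net->fw rules, posted policy", RULES_FW, POLICY_POSTED),
    ]
    return {
        label: {port: decide(rules, policy, "net", "fw", "tcp", port)
                for port in (21, 25, 110)}
        for label, rules, policy in cases
    }

if __name__ == "__main__":
    for label, result in report().items():
        print(f"{label}: {result}")
```

Under that assumption the model reproduces both symptoms in the post: the net to loc rules never match traffic addressed to the firewall, so the all/all policy decides, and only rules written for net to fw open 21 and 25 while 110 stays rejected.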
