[Firehol-support] firehol and snat
Costa Tsaousis
costa at tsaousis.gr
Thu Oct 4 01:02:03 BST 2007
O/H rich at thevillas.eclipse.co.uk έγραψε:
>
> Interestingly, I can't seem to ssh to the external address of the
> firewall from the LAN either. I'm wondering whether there is a rule
> that is dropping all traffic hitting the PUBLIC_MYIP if it originates
> from the LAN?
>
If firehol is dropping traffic there should be some logs about it. Check it.
You could also append
... log "text to be logged"
to the dnat and snat rules (or any other). This will make the rule log
the "text to be logged" when a packet matches it.
You can also do:
firehol status
In the output the first column is a packet counter. You should this
increasing for each packet matching the rule.
Costa
More information about the Firehol-support
mailing list