Shorewall/DNAT question

panyasan

Member
Nov 14, 2010
9
0
21
Hi, I am new to proxmox and to advanced network administration in general. I am using Shorewall as firewall.

I have a couple of KVM instances running on a private network (10.1.1.x). I have no trouble forwarding SSH traffic to them:

Code:
# /etc/shorewall/rules
SSH/ACCEPT		net		$FW 
SSH/ACCEPT		net		dmz
DNAT 			net		loc:10.1.1.4:22		  tcp	10422

This way, I can reach the local machine on the proxmox server's port 10422.

However, now I want to expose a zope server running on port 8081 on my KVM instance.

Code:
ACCEPT		net		$FW  				tcp		10481
ACCEPT		net		dmz  				tcp		10481
DNAT 		net		loc:10.1.1.4:8081		tcp		10481

But I cannot reach the server on port 10481 on the proxmox server's IP. What might I be doing wrong? It would be great if someone can point me into the right direction? Thanks!

Christian
 
Ok, I found it:

Code:
ACCEPT	net	$FW			tcp	10481
ACCEPT	net	dmz			tcp	8081 # Here was the mistake
DNAT	net	loc:10.1.1.4:8081	tcp	10481
 
Last edited:

About

The Proxmox community has been around for many years and offers help and support for Proxmox VE, Proxmox Backup Server, and Proxmox Mail Gateway.
We think our community is one of the best thanks to people like you!

Get your subscription!

The Proxmox team works very hard to make sure you are running the best software and getting stable updates and security enhancements, as well as quick enterprise support. Tens of thousands of happy customers have a Proxmox subscription. Get yours easily in our online shop.

Buy now!