Shorewall Zones

Ubuntu Server 24.04
Webmin 2.202

I have just installed Shorewall with Webmin, and I am new to both. I have multiple NICs, but am currently only using two. I am working on setting up a DMZ; this will be my inner firewall. LAN address is 192.168.107.121 (currently DHCP until I get it set up and working and replace my current firewall (will be eliminated) with what will be my outer firewall).
WAN IP or DMZ address: 10.0.107.2, GW 10.0.107.1

First, I am able to ping 10.0.107.2 but not 10.0.107.1, which I understand is the default for Shorewall, but I want to be able to do this for troubleshooting purposes – now and in the future.

Second, when running sudo shorewall restart, I get the following error:

ERROR: The ‘zones’ file does not exist or has zero size /usr/share/shorewall/helpers (EOF)

How do I resolve both of these issues?

Thank You

You may, or may not, get an answer here. Webmin provides an interface to help you manage your software. It doesn’t instruct you on the HOW. Seems Shorewall is getting a tad neglected. :frowning:
https://shorewall.org/index.html

If you don’t get the help you are looking for here you might see if there are more relevant groups. The documentation link on the site I posted is a good start though.


Thank You for the reply.

For the ping issue, it seems like a routing or Shorewall configuration might be blocking the traffic. Check the interfaces and policy files in your Shorewall setup to ensure that traffic to the WAN gateway (10.0.107.1) isn’t being restricted. You might need to add a specific rule in the rules file to allow ICMP (ping) traffic for troubleshooting.
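
An added example, not posted by anyone in this thread and not the Shorewall project's own sample files: a minimal two-interface configuration that supplies the non-empty zones file the error asks for and the ICMP rule suggested above. The zone names dmz and loc and the interface names eth0 and eth1 are assumptions; substitute the names shown by `ip link` on the actual host.

```conf
# ---- /etc/shorewall/zones ----
# Must exist and be non-empty, otherwise "shorewall restart" stops
# with the 'zones' error quoted in the question.
#ZONE   TYPE
fw      firewall
dmz     ipv4        # 10.0.107.0/24 side, gateway 10.0.107.1 (zone name assumed)
loc     ipv4        # 192.168.107.0/24 LAN side (zone name assumed)

# ---- /etc/shorewall/interfaces ----
?FORMAT 2
#ZONE   INTERFACE   OPTIONS
dmz     eth0        # assumed NIC name for 10.0.107.2
loc     eth1        # assumed NIC name for 192.168.107.121

# ---- /etc/shorewall/policy ----
# Default action when no rule matches. The last line must cover all/all.
#SOURCE DEST    POLICY  LOGLEVEL
loc     dmz     ACCEPT
dmz     all     DROP    info
all     all     REJECT  info

# ---- /etc/shorewall/rules ----
?SECTION NEW
#ACTION         SOURCE  DEST
# Firewall itself may ping hosts on the DMZ side (e.g. the 10.0.107.1 gateway).
Ping(ACCEPT)    $FW     dmz
# LAN hosts may ping the firewall for troubleshooting.
Ping(ACCEPT)    loc     $FW
# Echo requests arriving from the DMZ side stay dropped by policy; add
# "Ping(ACCEPT) dmz $FW" only if the outer firewall must probe this host.
```

Running `sudo shorewall check` validates these files without touching the live ruleset, so syntax or missing-file errors surface before `sudo shorewall restart` is attempted.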