NethServer ungodly slow on VM

there is something interesting in messages log after the shorewall start

What is in firewall.log?

time to debug :smiley:

Dec 14 14:57:40 network root: Shorewall Stopped
Dec 14 14:57:40 network root: Shorewall Cleared
Dec 14 14:57:46 network avahi-daemon[1524]: Withdrawing workstation service for em1-ifb.
Dec 14 14:57:46 network FireQOS[31231]: Cleared all QOS on all interfaces
Dec 14 14:57:47 network FireQOS[31282]: QoS applied ok (25 tc commands applied)
Dec 14 14:57:47 network root: Shorewall started
Dec 14 14:57:33 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=222.240.152.132 DST=**SERVER IP** LEN=48 TOS=0x00 PREC=0x00 TTL=116 ID=16736 DF PROTO=TCP SPT=54252 DPT=1433 WINDOW=8192 RES=0x00 SYN URGP=0
Dec 14 14:57:39 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=45.129.33.121 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=51363 PROTO=TCP SPT=43655 DPT=6431 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:57:50 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=45.129.33.15 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=42684 PROTO=TCP SPT=45637 DPT=2930 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:58:06 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=45.129.33.81 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=15342 PROTO=TCP SPT=47730 DPT=5952 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:58:17 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=45.129.33.129 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=13605 PROTO=TCP SPT=45478 DPT=3774 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:58:21 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=45.129.33.170 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=59050 PROTO=TCP SPT=46151 DPT=60071 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:58:31 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=45.129.33.151 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=65288 PROTO=TCP SPT=42338 DPT=6090 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:58:36 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=216.218.206.84 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=54321 PROTO=TCP SPT=47329 DPT=2323 WINDOW=65535 RES=0x00 SYN URGP=0
Dec 14 14:58:51 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=138.197.206.190 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=34027 PROTO=TCP SPT=61953 DPT=9996 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:58:54 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=223.71.167.171 DST=**SERVER IP** LEN=40 TOS=0x04 PREC=0x00 TTL=242 ID=54321 PROTO=TCP SPT=32987 DPT=526 WINDOW=65535 RES=0x00 SYN URGP=0
Dec 14 14:59:15 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=45.129.33.162 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=1994 PROTO=TCP SPT=43946 DPT=7488 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:59:15 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=141.98.80.242 DST=**SERVER IP** LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=38451 PROTO=TCP SPT=55832 DPT=33555 WINDOW=1024 RES=0x00 SYN URGP=0
Dec 14 14:59:22 network kernel: Shorewall:net2fw:DROP:IN=em1 OUT= MAC=44:a8:42:35:84:57:5c:45:27:cc:49:cd:08:00 SRC=162.142.125.17 DST=**SERVER IP** LEN=44 TOS=0x00 PREC=0x00 TTL=46 ID=38945 PROTO=TCP SPT=17905 DPT=2087 WINDOW=1024 RES=0x00 SYN URGP=0

what is the output of

ip a

db networks show

route -n

[root@network ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: em1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc htb state UP group default qlen 1000
    link/ether **INTERFACE MAC**:57 brd ff:ff:ff:ff:ff:ff
    inet **SERVER PUBLIC IP**/24 brd **SERVER PUBLIC MASK** scope global em1
       valid_lft forever preferred_lft forever
    inet6 fe80::46a8:42ff:fe35:8457/64 scope link
       valid_lft forever preferred_lft forever
3: em2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq master br0 state UP group default qlen 1000
    link/ether **INTERFACE MAC**:58 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::46a8:42ff:fe35:8458/64 scope link
       valid_lft forever preferred_lft forever
4: em3: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether **INTERFACE MAC**:59 brd ff:ff:ff:ff:ff:ff
5: em4: <BROADCAST,MULTICAST> mtu 1500 qdisc mq state DOWN group default qlen 1000
    link/ether **INTERFACE MAC**:5a brd ff:ff:ff:ff:ff:ff
6: idrac: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
    link/ether **INTERFACE MAC**:19 brd ff:ff:ff:ff:ff:ff
7: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether **INTERFACE MAC**:58 brd ff:ff:ff:ff:ff:ff
    inet **INTERNAL LAN IP 1**/24 brd **INTERNAL LAN BROADCAST** scope global br0
       valid_lft forever preferred_lft forever
    inet **INTERNAL LAN IP 2**/24 brd **INTERNAL LAN BROADCAST** scope global secondary br0:0
       valid_lft forever preferred_lft forever
    inet6 fe80::46a8:42ff:fe35:8458/64 scope link
       valid_lft forever preferred_lft forever
9: vb-nsdc@if2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br0 state UP group default qlen 1000
    link/ether **INTERFACE MAC**:12 brd ff:ff:ff:ff:ff:ff link-netnsid 0
    inet6 fe80::9033:57ff:fe20:5d12/64 scope link
       valid_lft forever preferred_lft forever
81: tap0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast master br0 state DOWN group default qlen 100
    link/ether **INTERFACE MAC**:d3 brd ff:ff:ff:ff:ff:ff
    inet6 fe80::6867:7dff:fecf:88d3/64 scope link
       valid_lft forever preferred_lft forever
85: tunrw: <POINTOPOINT,MULTICAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UNKNOWN group default qlen 100
    link/none
    inet **INTERNAL VPN IP**/24 brd **INTERNAL VPN BROADCAST** scope global tunrw
       valid_lft forever preferred_lft forever
    inet6 fe80::3b58:1e88:7ad6:2b0d/64 scope link flags 800
       valid_lft forever preferred_lft forever
95: em1-ifb: <BROADCAST,NOARP,UP,LOWER_UP> mtu 1500 qdisc htb state UNKNOWN group default qlen 32
    link/ether **INTERFACE MAC**:9a brd ff:ff:ff:ff:ff:ff
    inet6 fe80::c3b:b8ff:fe79:bc9a/64 scope link
       valid_lft forever preferred_lft forever
[root@network ~]#
[root@network ~]# db networks show
10.0.0.0=network
    Description=Internal Network
    Mask=255.255.0.0
br0=bridge
    bootproto=none
    gateway=**INTERNAL LAN**.1
    ipaddr=**INTERNAL LAN**.10
    netmask=255.255.255.0
    nslabel=LAN
    role=green
br0:0=alias
    ipaddr=**INTERNAL LAN**.12
    netmask=255.255.255.0
    role=alias
em1=ethernet
    FwInBandwidth=150
    FwOutBandwidth=150
    bootproto=none
    gateway=**SERVER PUBLIC GATEWAY**
    ipaddr=**SERVER PUBLIC IP**
    netmask=255.255.255.0
    nslabel=WAN
    role=red
em2=ethernet
    bridge=br0
    role=bridged
em3=ethernet
    role=
em4=ethernet
    role=
idrac=ethernet
    role=
ppp0=xdsl-disabled
    AuthType=auto
    FwInBandwidth=
    FwOutBandwidth=
    Password=
    name=PPPoE
    provider=xDSL provider
    role=red
    user=
red1=provider
    interface=em1
    weight=1
[root@network ~]#

You mixed something in the network area. We cannot debug because you hide the output; route -n could be interesting.

Start from scratch again

Shorewall is too integrated to change it.

@stephdl, I sent you a private message with the unrestricted information.

I seem to have resolved this issue. Somehow, under Firewall > WAN, the bandwidth was set to 150kbps, which limited the max throughput of the machine. Now that it’s corrected to the correct speed, everything seems to be working fine.


For the sake of debugging, it is written in the configuration of the network esmith database.

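The cause found in this thread (a 150 kbps cap stored as FwInBandwidth/FwOutBandwidth on the red interface) can be checked for mechanically. The following is an added example, not part of the original posts: it parses text in the format that db networks show prints and flags enabled red interfaces whose bandwidth cap is below a threshold. The sample input is constructed from the values shown above; the function names and the 1000 kbps threshold are assumptions.

```python
# Constructed sample in the layout `db networks show` prints (values mirror the thread).
SAMPLE = """\
br0=bridge
    bootproto=none
    role=green
em1=ethernet
    FwInBandwidth=150
    FwOutBandwidth=150
    bootproto=none
    role=red
ppp0=xdsl-disabled
    FwInBandwidth=
    FwOutBandwidth=
    role=red
red1=provider
    interface=em1
    weight=1
"""

def parse_networks(text):
    """Parse unindented 'key=type' records followed by indented 'prop=value' lines."""
    records, current = {}, None
    for line in text.splitlines():
        if not line.strip() or "=" not in line:
            continue  # skips blank lines and shell prompts pasted with the output
        name, _, value = line.strip().partition("=")
        if line[0].isspace():
            if current is not None:
                records[current]["props"][name] = value
        else:
            current = name
            records[current] = {"type": value, "props": {}}
    return records

def low_bandwidth_caps(records, min_kbps=1000):
    """Return (iface, prop, kbps) for enabled red interfaces capped below min_kbps.

    min_kbps is an assumed threshold; set it to the real line speed of the WAN link.
    """
    findings = []
    for name, rec in records.items():
        if rec["props"].get("role") != "red" or rec["type"].endswith("-disabled"):
            continue
        for prop in ("FwInBandwidth", "FwOutBandwidth"):
            raw = rec["props"].get(prop, "")
            if raw.isdigit() and int(raw) < min_kbps:  # empty value means no cap set
                findings.append((name, prop, int(raw)))
    return findings

if __name__ == "__main__":
    for iface, prop, kbps in low_bandwidth_caps(parse_networks(SAMPLE)):
        print(f"{iface}: {prop}={kbps} kbps looks too low for a WAN link")
```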