I'm doing shorewall configuration based webmin, I use 3 NIC, where the order eth0 --> net eth1 --> loc eth2 --> loc in the webmin module, the module shorewall, I make the settings zones on the network, I made the setting Code: # # Shorewall version 4 - Zones File # # For information about this file, type "man shorewall-zones" # # The manpage is also online at # http://www.shorewall.net/manpages/shorewall-zones.html # ############################################################################### #ZONE TYPE OPTIONS IN OPTIONS OUT OPTIONS # fw firewall net ipv4 loc ipv4 #LAST LINE - ADD YOUR ENTRIES ABOVE THIS ONE - DO NOT REMOVE interface on the network, i made setting Code: # # Shorewall version 4 - Interfaces File # # For information about entries in this file, type "man shorewall-interfaces" # # The manpage is also online at # http://www.shorewall.net/manpages/shorewall-interfaces.html # ############################################################################### #ZONE INTERFACE BROADCAST OPTIONS net eth0 detect loc eth1 detect loc eth2 detect #LAST LINE – add your entries before this line – DO NOT REMOVE on the policies, i made settings Code: # # Shorewall version 4 - Policy File # # For information about entries in this file, type "man shorewall-policy" # # The manpage is also online at # http://www.shorewall.net/manpages/shorewall-policy.html # ############################################################################### #SOURCE DEST POLICY LOG LIMIT: CONNLIMIT: # LEVEL BURST MASK $fw net ACCEPT loc net ACCEPT net all DROP all all REJECT #LAST LINE – add your entries before this line – DO NOT REMOVE on the rules, i made setting Code: # # Shorewall version 4 - Rules File # # For information on the settings in this file, type "man shorewall-rules" # # The manpage is also online at # http://www.shorewall.net/manpages/shorewall-rules.html # #################################################################################################################################################### #ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL RATE USER/ MARK CONNLIMIT TIME # PORT PORT(S) DEST LIMIT GROUP # # accept connection DNS ( Port DNS 53 ) ACCEPT loc $fw tcp 53 ACCEPT loc $fw udp 53 # accept proxy squid( transparent proxy port 3128 ) ACCEPT loc $fw tcp 3128 DROP net $fw tcp 3128 # accept connection ftp ACCEPT loc $fw tcp 21 #webmin ACCEPT loc $fw ACCEPT $fw loc # accept connection to SSH ACCEPT loc $fw tcp 22 #Ping status ACCEPT loc $fw icmp 8 # Transparent proxy REDIRECT loc tcp 80 #LAST LINE -- ADD YOUR ENTRIES BEFORE THIS ONE -- DO NOT REMOVE and after I do a shorewall start of this then I get the results so Code: Module Index Error Failed to start firewall : Compiling... Initializing... Determining Zones... IPv4 Zones: net loc Firewall Zone: fw Validating interfaces file... Validating hosts file... Pre-processing Actions... Pre-processing /usr/share/shorewall/action.Drop... ERROR: Invalid TARGET in rule "COUNT " /sbin/shorewall: line 384: 4362 Terminated $command $SHOREWALL_SHELL $sc $@ <- Return to previous page can you help me, this problem?