Bryan,

The devil was in the details, particularly the fact that your
external interface uses an RFC 1918 address...

On Mon, 20 Jan 2003 14:32:06 EST Bryan Payne wrote:
> # ip addr show
[..]
> 3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
>     link/ether 00:a0:24:e4:66:ea brd ff:ff:ff:ff:ff:ff
>     inet 192.168.0.4/24 brd 192.168.0.255 scope global eth0
> 4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
>     link/ether 00:a0:cc:57:e7:a1 brd ff:ff:ff:ff:ff:ff
>     inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
>
> Here's what the problem is:
>
> Jan 20 11:40:49 firewall kernel: Shorewall:man1918:DROP:IN=eth0 OUT=
> MAC=00:a0:24:e4:66:ea:00:30:ab:06:6c:9c:08:00 SRC=128.8.129.2
> DST=192.168.0.4 LEN=64 TOS=0x00 PREC=0x00 TTL=56 ID=17230 DF PROTO=TCP
> SPT=22 DPT=39534 WINDOW=25920 RES=0x00 ACK SYN URGP=0
Notice the rule that was hit: "Shorewall:man1918". Do you have
the "norfc1918" option set for eth0 in /etc/shorewall/interfaces?
E.g.:

    net eth0 detect dhcp,routefilter,norfc1918
                                     ^^^^^^^^^

which is the Bering 1.0-stable default I believe.
--Brad
------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
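
The check discussed in the message above, as an added example (not part of the original thread and not Shorewall's own code): it cross-references `ip addr show` output with /etc/shorewall/interfaces and reports any interface that has norfc1918 set while itself holding an RFC 1918 address. The function names are hypothetical and the "loc" row of the sample interfaces file is constructed.

```python
import ipaddress
import re

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Sample inputs: addresses and the "net" row follow the message; the "loc" row is constructed.
IP_ADDR_SHOW = """\
3: eth0: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    inet 192.168.0.4/24 brd 192.168.0.255 scope global eth0
4: eth1: <BROADCAST,MULTICAST,UP> mtu 1500 qdisc pfifo_fast qlen 100
    inet 192.168.1.254/24 brd 192.168.1.255 scope global eth1
"""
INTERFACES = """\
net eth0 detect dhcp,routefilter,norfc1918
loc eth1 detect dhcp   # constructed row
"""

def is_rfc1918(addr):
    """True if addr lies in 10/8, 172.16/12 or 192.168/16."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def interface_addresses(ip_addr_output):
    """Map interface name -> IPv4 addresses parsed from `ip addr show`."""
    addrs, current = {}, None
    for line in ip_addr_output.splitlines():
        head = re.match(r"\d+:\s+([^:@\s]+)", line)
        inet = re.match(r"\s*inet\s+(\d+(?:\.\d+){3})", line)
        if head:
            current = head.group(1)
            addrs.setdefault(current, [])
        elif inet and current:
            addrs[current].append(inet.group(1))
    return addrs

def norfc1918_interfaces(interfaces_text):
    """Interfaces whose OPTIONS column (4th field) lists norfc1918."""
    rows = (l.split("#", 1)[0].split() for l in interfaces_text.splitlines())
    return [f[1] for f in rows if len(f) >= 4 and "norfc1918" in f[3].split(",")]

def conflicts(ip_addr_output, interfaces_text):
    """(interface, address) pairs where norfc1918 guards a private address."""
    addrs = interface_addresses(ip_addr_output)
    return [(ifc, a) for ifc in norfc1918_interfaces(interfaces_text)
            for a in addrs.get(ifc, []) if is_rfc1918(a)]

if __name__ == "__main__":
    for ifc, addr in conflicts(IP_ADDR_SHOW, INTERFACES):
        print(f"{ifc}: norfc1918 is set but {addr} is an RFC 1918 address")
```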