Sean Covel wrote:
> HELP.
>
> I'm not sure if the problem is my LEAF config or the application, but
> here goes:
>
> LEAF uClibC Bering 1.1, 3 interface setup. Public, Private, DMZ.
>
> The app in question is Azureus 2.1.0.4, a BitTorrent client. BT uses
> ports 6881-6999. I have port-forwarded the ports to an internal PC on
> the private network:
>
> DNAT net loc:192.168.1.6 tcp 6881:6999
>
> The client was working VERY SLOWLY so I decided to look at the firewall
> logs. I recently started blocking out-going ports so I thought I had
> messed something up. Here is what I discovered:
>
>
> Oct 20 00:23:16 firewall Shorewall:rfc1918:DROP: IN=eth0 OUT=eth1
> MAC=00:03:47:08:40:1a:00:0b:bf:7f:44:a8:08:00 SRC=84.24.193.64
> DST=192.168.1.6 LEN=64 TOS=00 PREC=0x00 TTL=109 ID=52587 DF PROTO=TCP
> SPT=6881 DPT=33649 SEQ=2893004602 ACK=982285315 WINDOW=65535 ACK SYN URGP=0
> Oct 20 00:23:26 firewall Shorewall:rfc1918:DROP: IN=eth0 OUT=eth1
> MAC=00:03:47:08:40:1a:00:0b:bf:7f:44:a8:08:00 SRC=83.116.64.150
> DST=192.168.1.6 LEN=64 TOS=00 PREC=0x00 TTL=112 ID=18647 DF PROTO=TCP
> SPT=6881 DPT=33660 SEQ=1681451538 ACK=982106032 WINDOW=65535 ACK SYN URGP=0
>
> I'm not sure how the "Peer" is getting my private IP address, but it
> appears to be?

Because the above messages are generated in the Netfilter 'filter' table
after DNAT has been applied.

>
> And the firewall is doing its job I guess, blocking an RFC1918 address.
> Anybody got any ideas what's going on here?
>

This question is asked at least twice a week on the Shorewall list --
your rfc1918 file is out of date -- download a current one from the
Shorewall errata page (Hint: 83.0.0.0/8 and 84.0.0.0/8 were recently
allocated by the IANA).

Or upgrade to Shorewall 2.0, don't use the 'nobogons' option and never
have to worry about this again.

-Tom
--
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
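
Added example, not part of the original thread: a Python triage of Shorewall log lines that separates rfc1918-chain drops of genuinely private sources from drops of public sources such as the 83.x and 84.x peers above, which point to a stale rfc1918 file. The function names and verdict labels are hypothetical, and it assumes the chain matched on the source address; the last two sample lines are constructed.

```python
import ipaddress
import re

# The three ranges RFC 1918 actually reserves for private use.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Shorewall log prefix: Shorewall:<chain>:<disposition>: then KEY=VALUE fields.
LOG_RE = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disp>[A-Z]+):\s*(?P<rest>.*)")

# The first two entries are the ones quoted in the message (MAC, sequence and
# flag fields omitted); the last two are constructed for contrast.
SAMPLE_LOG = """\
Oct 20 00:23:16 firewall Shorewall:rfc1918:DROP: IN=eth0 OUT=eth1 SRC=84.24.193.64 DST=192.168.1.6 PROTO=TCP SPT=6881 DPT=33649
Oct 20 00:23:26 firewall Shorewall:rfc1918:DROP: IN=eth0 OUT=eth1 SRC=83.116.64.150 DST=192.168.1.6 PROTO=TCP SPT=6881 DPT=33660
Oct 20 00:24:01 firewall Shorewall:rfc1918:DROP: IN=eth0 OUT= SRC=10.1.2.3 DST=192.0.2.10 PROTO=TCP SPT=1025 DPT=80
Oct 20 00:24:09 firewall Shorewall:net2all:DROP: IN=eth0 OUT= SRC=198.51.100.7 DST=192.0.2.10 PROTO=TCP SPT=4000 DPT=135
"""

def in_rfc1918(addr):
    """True if addr lies in one of the three RFC 1918 private ranges."""
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in RFC1918)

def classify(line):
    """Return (src, verdict) for a Shorewall log line, or None if it is not one."""
    m = LOG_RE.search(line)
    if m is None:
        return None
    fields = dict(tok.split("=", 1) for tok in m["rest"].split() if "=" in tok)
    src = fields.get("SRC")
    if src is None:
        return None
    if (m["chain"], m["disp"]) != ("rfc1918", "DROP"):
        return src, "other-rule"
    if in_rfc1918(src):
        return src, "private-source"  # the check working as intended
    # Public source dropped by the rfc1918 chain: the list holds a range that is
    # no longer reserved. DST may still be private, since it is logged after NAT.
    return src, "stale-list-entry"

def triage(log_text):
    """Classify every Shorewall line in a block of log text."""
    return [r for r in map(classify, log_text.splitlines()) if r is not None]

if __name__ == "__main__":
    for src, verdict in triage(SAMPLE_LOG):
        print(f"{src:15}  {verdict}")
```
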
