On Wed, 2003-12-31 at 15:29, Ronald J. Hall wrote: > On Wednesday 31 December 2003 11:34 am, Lyvim Xaphir wrote: > > -> ACTION SOURCE DESTINATION PROTOCOL PORT(S) SOURCE PORT(S) ORIGINAL DEST > -> > -> ACCEPT loc loc:a.b.c.d udp 111 > -> > -> ACCEPT loc loc:a.b.c.d tcp 111 > -> > -> ACCEPT loc loc:a.b.c.d udp 2049 > -> > -> ACCEPT loc loc:a.b.c.d udp 32700 > > Okay, I tried this and when I restart shorewall I get this: > > Processing /etc/shorewall/rules... > Error: Undefined Client Zone in rule "ACCEPT loc loc:192.168.0.100 udp 111" > Processing /etc/shorewall/stop ... > Processing /etc/shorewall/stopped ... > /sbin/service: line 148: 3246 Terminated $debug > $servicedir/$service $options > > Thanks
That means your local zone is not defined. Wow, it seems like your mcc would have at least set up a local zone for you. Evidently it (the install/mcc routine) cannot make the distinction between internet addresses and local addresses, otherwise known as RFC 1918 addresses. Since you most probably have only one interface, it (shorewall or mcc) now assumes that all your addresses are internet addresses. What I'm saying basically is that mcc did not set you up a loc zone. In your case then, the "net" zone is actually the local zone. Wierd. But anyway... Best thing is to change all occurrances above of loc to net, and rerun "shorewall restart". LX
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
