Thank you I have RFC1918_STRICT=No RFC1918_LOG_LEVEL=alert
what to do to leave RFC1918 only on the external ? And , please how to allow an ip fully ? are these rules ok ? ACCEPT loc:192.168.63.2 all all (for internal ip) ACCEPT net:215.162.1.22 all all (for external ip) Thank you! > I just looked at your log snippet closer, it is being dropped because > you have the norfc1918 option set in shorewall/interfaces. > > If eth0 is your internal (loc) interface, remove that option from that > interface, it is ok to leave it on the external (net) interface. > > > On Mon, 2007-01-15 at 06:51 -0700, Graziano wrote: > >> Hello >> >> I have my shorewall log full of these >> >> Jan 15 02:11:52 hostname kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= >> MAC=ff:ff:ff:ff:ff:ff:00:e0:81:30:44:81:08:00 SRC=192.168.63.2 >> DST=255.255.255.255 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=14102 PROTO=UDP >> SPT=20060 DPT=623 LEN=20 >> >> I wish to allow 192.168.63.2 to remove these droppings . How to do that >> ? I can see a blacklist files but I cannot see a whitelist file >> I suppose I have to write something on rule , but I am not sure . >> >> Anyone can tell me how to do that ? >> >> Thanks >> >> >> ------------------------------------------------------------------------- >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to share your >> opinions on IT & business topics through brief surveys - and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >> _______________________________________________ >> Shorewall-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> >> ------------------------------------------------------------------------ >> >> ------------------------------------------------------------------------- >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to share your >> opinions on IT & business topics through brief surveys - and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Shorewall-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
