Thank you all . Ok , I removed norfc1918 from
/etc/shorewall/interfaces and now norfc1918 are no more dropped. I have an hosting server hosted on a remote datacenter , truly I have no idea what was that 192.168.63.2 which was fulling my logs Jan 15 20:56:42 hostname kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= MAC=ff:ff:ff:ff:ff:ff:00:e0:81:30:44:81:08:00 SRC=192.168.63.2 DST=255.255.255.255 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=30316 PROTO=UDP SPT=20060 DPT=623 LEN=20 I asked also to my datacenter but I received no reply. For this reason I was searching a way to whitelist this ip . I have serious difficult to set shorewall at the best . I truly hope to see a php/perl interface to set it in a easy way . I know , there is a shorewall webmin interface , but I cannot install webmin togheter with cpanel . I truly hope to see some web interface which can run separately from webmin. Thank you > Good point. I was assuming he was trying to actually pass the traffic, > but yeah, that's broadcast traffic alright. So you are probably > correct, he just wants to clear up the logs. Unless he has some weird > bridge & vpn setup going on (like me, DECNet in an IP world sucks), and > actually needs to be sending that broadcast traffic somewhere. But I > would highly doubt it, I'm pretty sure I'm the first and last person to > be masochistic enough to even attempt that. > > Graziano, > > What exactly are you trying to do? > > > On Mon, 2007-01-15 at 10:32 -0800, Tom Eastep wrote: > >> Bryan Vukich wrote: >> >>> I know, but from what I gather, eth0 is his internal nic, so I am having >>> him remove rfc1918 filtering from that interface. >>> >> If that is the case then the rules you suggest wouldn't be necessary since >> it appears that broadcasts are what are being logged. And Shorewall policy >> logging suppresses broadcast/multicast packets. I got the impression that >> the OP was simply trying to rid himself of the log clutter. >> >> -Tom >> ------------------------------------------------------------------------- >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to share your >> opinions on IT & business topics through brief surveys - and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >> _______________________________________________ Shorewall-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> >> ------------------------------------------------------------------------ >> >> ------------------------------------------------------------------------- >> Take Surveys. Earn Cash. Influence the Future of IT >> Join SourceForge.net's Techsay panel and you'll get the chance to share your >> opinions on IT & business topics through brief surveys - and earn cash >> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV >> ------------------------------------------------------------------------ >> >> _______________________________________________ >> Shorewall-users mailing list >> [email protected] >> https://lists.sourceforge.net/lists/listinfo/shorewall-users >> ------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
