A few questions so I'm not leading you in the wrong direction: Is shorewall running on a dedicated firewall box, or is it running on a host?
If it is on a dedicated box, is eth0 on the internet side, or the local side? Does your datacenter give you a public or private IP? (I know, a dumb question, but maybe they are doing 1-1 NAT or something.)

Thank you,

On Mon, 2007-01-15 at 14:05 -0700, Graziano wrote:
> Thank you all.
>
> Ok, I removed norfc1918 from
>
> /etc/shorewall/interfaces
>
> and now norfc1918 are no more dropped.
>
> I have a hosting server hosted on a remote datacenter, truly I have no idea
> what was that 192.168.63.2 which was filling my logs
>
> Jan 15 20:56:42 hostname kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT=
> MAC=ff:ff:ff:ff:ff:ff:00:e0:81:30:44:81:08:00 SRC=192.168.63.2
> DST=255.255.255.255 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=30316 PROTO=UDP
> SPT=20060 DPT=623 LEN=20
>
> I also asked my datacenter but I received no reply. For this reason I was
> searching for a way to whitelist this IP.
>
> I have serious difficulty setting shorewall at the best. I truly hope to see a
> php/perl interface to set it in an easy way. I know, there is a shorewall
> webmin interface, but I cannot install webmin together with cpanel. I truly
> hope to see some web interface which can run separately from webmin.
>
> Thank you
>
> > Good point. I was assuming he was trying to actually pass the traffic,
> > but yeah, that's broadcast traffic alright. So you are probably
> > correct, he just wants to clear up the logs. Unless he has some weird
> > bridge & vpn setup going on (like me, DECNet in an IP world sucks), and
> > actually needs to be sending that broadcast traffic somewhere. But I
> > would highly doubt it, I'm pretty sure I'm the first and last person to
> > be masochistic enough to even attempt that.
> >
> > Graziano,
> >
> > What exactly are you trying to do?
> >
> > On Mon, 2007-01-15 at 10:32 -0800, Tom Eastep wrote:
> >
> >> Bryan Vukich wrote:
> >>
> >>> I know, but from what I gather, eth0 is his internal nic, so I am having
> >>> him remove rfc1918 filtering from that interface.
> >>>
> >> If that is the case then the rules you suggest wouldn't be necessary since
> >> it appears that broadcasts are what are being logged. And Shorewall policy
> >> logging suppresses broadcast/multicast packets. I got the impression that
> >> the OP was simply trying to rid himself of the log clutter.
> >>
> >> -Tom

--
Bryan Vukich
Network Administrator
The Olson Company
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
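
Added example (not part of the thread and not Shorewall code): a small Python triage script for the kind of log entry quoted above, separating broadcast drops, which the thread identifies as log clutter, from unicast hits on the rfc1918 chain. The function names and the second sample line are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: line 1 is the entry quoted in the thread, line 2 is a
# made-up unicast packet for contrast.
SAMPLE = [
    "Jan 15 20:56:42 hostname kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= "
    "MAC=ff:ff:ff:ff:ff:ff:00:e0:81:30:44:81:08:00 SRC=192.168.63.2 "
    "DST=255.255.255.255 LEN=40 TOS=0x00 PREC=0x00 TTL=128 ID=30316 PROTO=UDP "
    "SPT=20060 DPT=623 LEN=20",
    "Jan 15 20:57:01 hostname kernel: Shorewall:rfc1918:DROP:IN=eth0 OUT= "
    "MAC=00:11:22:33:44:55:00:e0:81:30:44:81:08:00 SRC=10.1.2.3 "
    "DST=203.0.113.10 LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=4242 PROTO=TCP "
    "SPT=40000 DPT=22 WINDOW=5840 SYN",
]

PREFIX = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<action>[^:]+):(?P<rest>.*)")
FIELD = re.compile(r"(\w+)=(\S*)")

def parse(line):
    """Return a dict for a Shorewall-prefixed netfilter log line, else None."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"chain": m["chain"], "action": m["action"]}
    for key, value in FIELD.findall(m["rest"]):
        rec.setdefault(key, value)  # LEN appears twice; keep the IP length
    return rec if "SRC" in rec and "DST" in rec else None

def classify(rec):
    """Label a packet by how it was addressed, using L2 and L3 destination."""
    dst = ipaddress.ip_address(rec["DST"])
    dst_mac = rec.get("MAC", "")[:17].lower()  # MAC= is dst(6) src(6) type(2)
    if str(dst) == "255.255.255.255" or dst_mac == "ff:ff:ff:ff:ff:ff":
        return "broadcast"
    return "multicast" if dst.is_multicast else "unicast"

def summarize(lines):
    """Count (chain, kind, SRC, PROTO, DPT) tuples over the parsable lines."""
    counts = Counter()
    for rec in filter(None, map(parse, lines)):
        key = (rec["chain"], classify(rec), rec["SRC"], rec["PROTO"], rec.get("DPT", "-"))
        counts[key] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize(SAMPLE).most_common():
        print(n, *key)
```

Feeding it the kernel log instead of `SAMPLE` shows at a glance whether the rfc1918 entries are all broadcasts from one neighbour or include unicast traffic worth a closer look.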
