Hi there, <quote who="Tom Eastep"> [...] > It most likely means that, for some reason, the packets are not matching > either the DNAT rule or an existing conntrack entry.
Well - the funny thing is that Firefox does not have that beheaviour - and I don't know why. Could it be a portscanning-detection that activates ? My firewall isn't very fast - but 533MHz CPU for a 6mBit line should IMHO be fast enough ... [...] > Afraid not -- either your mailer or the list software has mangled the pcap > file so that neither tcpdump nor Wireshark will have anything to do with > it. Hmm. Bad. I uploaded them to my Website. Check out: http://www.solsys.org/linux/shorewall_dump.txt http://www.solsys.org/linux/mozilla.pcap http://www.solsys.org/linux/ie.pcap [...] > No such problems have been reported here in the past. I never saw that beheaviour in my computer Life before either. 15years :( [...] > I'm doubtful that a dump will tell us anything. You are logging to a SQL > database and the log dump section of the dump comprises one of the most > important diagnostic tools that we have. What I suspect that we'll see is Hmm. I could deactivate the ulog-d and let shorewall write to a file. What exact directive should I give it to provide usable informations ? > some packets matching your log rule and the following drop rule and > nothing > else. Exact. But why does the system identify the packet not beeing part of a generic communication ? The 3-Way handshak took place - and only std requests get through after on... and I don't see a difference between DNAT'ed packets and the DROP'ed packets ... Thanks & Cheers Joerg -- ------------------------------------------------------------------------ | Joerg Mertin : [EMAIL PROTECTED] (Home)| | in Forchheim/Germany : [EMAIL PROTECTED] (Alt1)| | Stardust's LiNUX System : | | Web: http://www.solsys.org | ------------------------------------------------------------------------ PGP Fingerprint: AF0F FB75 997B 025F 4538 5AD6 9888 5D97 170B 8B7A ------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
