Hi,
I've built two new firewalls with the latest shorewall
4.0.10-3 (updating from 2.4.9 finally!).
I've migrated the rules and modified them to the new
formats, and configured everything I need correctly.
When I tried to get the firewalls online last night
(they're clustered) I got a lot of these messages:
May 20 00:16:45 firewall01 kernel: Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=xxx.xx.xxx.xx DST=xxx.xxx.xxx.xxx LEN=57 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=32768 DPT=53 LEN=37
where the SRC is its own zone, and the DST is an
external (net) zone.
The eth1 interface is my internal local network, while
eth0 is the internet connection to our provider.
I have about 17 zones running and configured (the
current shorewall 2.4.9 firewalls provide subnets and
firewalling for that many clients).
How would I start to troubleshoot this problem,
noting I've migrated my config and setup (with the
expected modifications to take advantage of the new
4.x formats and values) from a working environment?
I'm going to give the new firewalls a go again tonight
to try and work out this problem.
Thanks.
Michael.
Shorewall-users mailing list
https://lists.sourceforge.net/lists/listinfo/shorewall-users