Tom Eastep wrote:
Karsten Bräckelmann wrote:May 20 00:16:45 firewall01 kernel: Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1^^^^^^^^^^^^^^^^ Are these supposed to be the same?SRC=xxx.xx.xxx.xx DST=xxx.xxx.xxx.xxx LEN= 57 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP SPT=32768 DPT=53 LEN=37 where the SRC is it's own zone, and the DST is an external (net) zone. The eth1 interface is my internal local network, while eth0 is the internet connection to our provider.Typo in masq? Did you mean 'eth0 eth1' there?Either that or eth1 needs the 'routeback' option (see Shorewall FAQ 17).
This could also be caused by doing something silly like configuring a default route out of eth1.
-Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
