Hi, --- Tom Eastep <[EMAIL PROTECTED]> wrote:
> Tom Eastep wrote: > > Karsten Bräckelmann wrote: > >>> May 20 00:16:45 firewall01 kernel: > >>> Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 > >> ^^^^^^^^^^^^^^^^ > >> Are these supposed to be the same? > >> > >>> SRC=xxx.xx.xxx.xx DST=xxx.xxx.xxx.xxx LEN= > >>> 57 TOS=0x00 PREC=0x00 TTL=63 ID=0 DF PROTO=UDP > >>> SPT=32768 DPT=53 LEN=37 > >>> > >>> where the SRC is it's own zone, and the DST is > an > >>> external (net) zone. > >>> > >>> The eth1 interface is my internal local network, > while > >>> eth0 is the internet connection to our provider. > >> > >> Typo in masq? Did you mean 'eth0 eth1' there? > > > > Either that or eth1 needs the 'routeback' option > (see Shorewall FAQ 17). > > This could also be caused by doing something silly > like configuring a > default route out of eth1. Sorry for the lateness of this reply, a couple of 3am nights in the data centre working this out (and other problems) before getting back onto this list. Yes Tom, it was exactly that problem. The default route was set to eth1 instead of eth0. Once that was modified then all worked fine thereafter. Many thanks for the assistance and suggestions for what this could have been. Michael. > -Tom > -- > Tom Eastep \ Nothing is foolproof to a > sufficiently talented fool > Shoreline, \ http://shorewall.net > Washington USA \ [EMAIL PROTECTED] > PGP Public Key \ > https://lists.shorewall.net/teastep.pgp.key Get the name you always wanted with the new y7mail email address. www.yahoo7.com.au/mail ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
