Tom Eastep wrote: > > Third, and germane to the SMTP problem, is that all outbound traffic is > being placed in class 1:113 because of the blanket mark rule at the > bottom of both tcfor and tcout. These blanket rules should be moved to > the top of the tcrules file because tcrules are not terminating -- that > is, even if a packet matches one of the rules, it still continues down > the chain. So if a later rule also matches, it is that later rule's mark > that the packet ends up with. This is explained at the top of the > shorewall-tcrules manpage. >
The OP has confirmed that correcting the TC configuration has eliminated the original SMTP program. -Tom -- Tom Eastep \ The ultimate result of shielding men from the Shoreline, \ effects of folly is to fill the world with fools. Washington, USA \ -Herbert Spencer http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.Net email is sponsored by the Moblin Your Move Developer's challenge Build the coolest Linux based applications with Moblin SDK & win great prizes Grand prize is a trip for two to an Open Source event anywhere in the world http://moblin-contest.org/redirect.php?banner_id=100&url=/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
