Thanks for the mail. I did not understand the shorewall dump. How do I take the shorewall dump.
Boby -----Original Message----- From: Roberto C. Sánchez [mailto:[email protected]] Sent: Friday, April 29, 2011 5:26 PM To: [email protected] Subject: Re: [Shorewall-users] Shorewall Dropping IP On Fri, Apr 29, 2011 at 04:46:42PM +0530, Boby Philip wrote: > 1. I have added TCP port 1723 in the shorewall exception rule. > > ACCEPT:info LOC:64.122.94.51 > INET tcp 1723 #pptp > ACCEPT:info LOC:64.122.94.51 > INET 47 > > > > Apr 29 16:08:08 PathFinder kernel: Shorewall:all2all:DROP:IN=eth1 OUT=eth0 > SRC=192.168.10.12 > DST=64.122.94.51 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=44826 DF PROTO=TCP > SPT=4001 DPT=1723 > WINDOW=65535 RES=0x00 SYN URGP=0 > Boby, Same as with the question you posted last night, you have an ACCEPT rule that designates two zones, but the traffic is not matching to those zones. The traffic is being rejected because it only matches the all2all policy, which is cleary set to REJECT. Please post the output of 'shorewall dump' (run as root) so that we can help you. Regards, -Roberto -- Roberto C. Sánchez http://people.connexer.com/~roberto http://www.connexer.com ------------------------------------------------------------------------------ WhatsUp Gold - Download Free Network Management Software The most intuitive, comprehensive, and cost-effective network management toolset available today. Delivers lowest initial acquisition cost and overall TCO of any competing solution. http://p.sf.net/sfu/whatsupgold-sd _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
