On 03/31/2012 07:46 AM, Tom Eastep wrote: > On 03/30/2012 07:56 PM, AD wrote: > >> As discussed on IRC I noticed my configuration stopped working for >> Shorewall 4.4.22.1, and in fact the change appears to be somewhere >> in this followin patch because it used to work fine in 4.4.21.1: >> http://www1.shorewall.net/pub/shorewall/4.4/shorewall-4.4.22/patch-4.4.22 >> . > >> I have attached a dump and my interfaces file. The problem happens >> on the host's interface br10 which is bridged to a veth interface >> on the OpenVZ guest. This interface has the dhcp option set in the >> interfaces file, like it should. Clearing the host's shorewall >> allows the DHCP traffic to reach the guest. Nothing useful gets >> logged.
>
> br10 doesn't have an IP address. So if that worked with
> Shorewall-4.4.21, it is a mystery to me as to how it did it. If you
> forward a dump with 4.4.21, I'll compare the two to see if I missed
> something in the above analysis.
>
One word of caution: Your configuration will not work correctly using
releases 4.4.26 - 4.5.1. You can work around the problem in one of two ways:
- Remove the 'nets' option when 'dhcp' is specified; or
- Include 0.0.0.0/32 in the 'nets' list.
This issue will be resolved in 4.5.2.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ This SF email is sponsosred by: Try Windows Azure free for 90 days Click Here http://p.sf.net/sfu/sfd2d-msazure
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
