Sorry for the delay, other things, etc. "Did you make an attempt to reconnect before taking the dump that you forwarded?"
Right, I attempted to duplicate the issue exactly, before doing a "shorewall dump". "And are you seeing martian messages in /etc/shorewall/kern.log when you try to reconnect?" I don't have a "/etc/shorewall/kern.log", but I do log to "LOGFILE=/var/log/messages", which appears to contain kernel messages from shorewall: (Where the "Shorewall restarted" is my "shorewall try" command to load my test configuration) Jan 3 11:09:03 iPredator-debian ipredator: Shorewall restarted Jan 3 11:12:29 iPredator-debian kernel: [168457.789332] Shorewall:vpn2fw:REJECT:IN=tun0 OUT= MAC= SRC=2.216.223.111 DST=93.182.186.189 LEN=134 TOS=0x00 PREC=0x00 TTL=113 ID=27441 PROTO=UDP SPT=35408 DPT=25627 LEN=114 MARK=0x2 Jan 3 11:12:31 iPredator-debian kernel: [168459.799275] Shorewall:vpn2fw:REJECT:IN=tun0 OUT= MAC= SRC=2.216.223.111 DST=93.182.186.189 LEN=134 TOS=0x00 PREC=0x00 TTL=113 ID=27451 PROTO=UDP SPT=35408 DPT=25627 LEN=114 MARK=0x2 Jan 3 11:12:35 iPredator-debian kernel: [168463.807191] Shorewall:vpn2fw:REJECT:IN=tun0 OUT= MAC= SRC=2.216.223.111 DST=93.182.186.189 LEN=134 TOS=0x00 PREC=0x00 TTL=113 ID=27460 PROTO=UDP SPT=35408 DPT=25627 LEN=114 MARK=0x2 Jan 3 11:13:14 iPredator-debian kernel: [168501.918589] Shorewall:vpn2fw:REJECT:IN=tun0 OUT= MAC= SRC=50.140.17.176 DST=93.182.186.189 LEN=90 TOS=0x00 PREC=0x00 TTL=109 ID=13353 PROTO=UDP SPT=24265 DPT=63211 LEN=70 MARK=0x2 But while attempting to reconnect, no new information is logged, just the errors on the command line: "Thu Jan 3 11:16:28 2013 write UDPv4 []: Network is unreachable (code=101)" On 1/2/13, Tom Eastep <[email protected]> wrote: > On 1/2/13 1:37 PM, Tom Eastep wrote: >> On 01/02/2013 10:48 AM, f q wrote: >>> First of all: Thank you for your timely reply! I see the list is >>> quite busy and see your name pop-up in most threads; As well as >>> releasing a new version and other personal concerns, you must keep >>> quite busy! >>> >> >>> I attempted an experiment, by adding the option: >>> >>> local 192.168.0.38 >>> >>> And commenting out the "nobind" option in my openVPN configuration, >>> but I observed the same behavior of the "start firewall, connect, >>> restart firewall, disconnect, fail reconnect" as detailed previously. >>> >> >> Did you make an attempt to reconnect before taking the dump that you >> forwarded? > > And are you seeing martian messages in /etc/shorewall/kern.log when you > try to reconnect? > > -Tom > -- > Tom Eastep \ When I die, I want to go like my Grandfather who > Shoreline, \ died peacefully in his sleep. Not screaming like > Washington, USA \ all of the passengers in his car > http://shorewall.net \________________________________________________ > > ------------------------------------------------------------------------------ Master Visual Studio, SharePoint, SQL, ASP.NET, C# 2012, HTML5, CSS, MVC, Windows 8 Apps, JavaScript and much more. Keep your skills current with LearnDevNow - 3,200 step-by-step video tutorials by Microsoft MVPs and experts. ON SALE this month only -- learn more at: http://p.sf.net/sfu/learnmore_122712 _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
