Re: [Shorewall-users] Help with configuration bridge/kvm vnet host

Tom Eastep Tue, 08 Apr 2014 09:09:51 -0700

On 4/7/2014 3:38 AM, Bruno Friedmann wrote:

> Meeee, I will never find a small enough hole to hide myself in it!!!
> My feeling of missing something evident confirmed, a big thanks Tom.
> 
> After fixing the failure, I've tried the configuration. But I'm a bit puzzle 
> by the log I get 
> 
> I'm seeing a lot of DROP for traffic in net2dmz but that shouldn't normally 
> concern my vhost
> 
> Apr  7 11:42:10 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 
> MAC=00:25:90:50:af:3c:6c:9c:ed:bb:bd:80:08:00 SRC=24.25.227.67 
> DST=176.31.224.27 LEN=59 TOS=00 PREC=0x00 TTL=238 ID=38975 DF PROTO=UDP 
> SPT=62600 DPT=53 LEN=39 MARK=0
> Apr  7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 
> MAC=02:00:00:11:69:43:6c:9c:ed:bb:bd:80:08:00 SRC=37.59.224.97 
> DST=176.31.32.135 LEN=123 TOS=00 PREC=0x00 TTL=61 ID=61237 DF PROTO=UDP 
> SPT=40642 DPT=1200 LEN=103 MARK=0
> Apr  7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 
> MAC=02:00:00:89:d7:f2:6c:9c:ed:bb:bd:80:08:00 SRC=193.57.110.171 
> DST=5.135.101.211 LEN=60 TOS=00 PREC=0x00 TTL=56 ID=23071 PROTO=TCP SPT=34510 
> DPT=80 SEQ=2564968756 ACK=0 WINDOW=65535 SYN URGP=0 MARK=0
> Apr  7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 
> MAC=00:25:90:50:af:3c:6c:9c:ed:bb:bd:80:08:00 SRC=178.255.84.39 
> DST=176.31.224.27 LEN=74 TOS=00 PREC=0x00 TTL=52 ID=23876 PROTO=UDP SPT=30851 
> DPT=53 LEN=54 MARK=0
> Apr  7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 
> MAC=00:25:90:50:af:3c:6c:9c:ed:bb:bd:80:08:00 SRC=212.54.41.229 
> DST=176.31.224.27 LEN=75 TOS=00 PREC=0x00 TTL=57 ID=36903 PROTO=UDP SPT=55191 
> DPT=53 LEN=55 MARK=0
> Apr  7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 
> MAC=00:25:90:53:4d:e4:6c:9c:ed:bb:bd:80:08:00 SRC=188.165.253.24 
> DST=176.31.224.190 LEN=60 TOS=00 PREC=0x00 TTL=62 ID=27903 DF PROTO=TCP 
> SPT=39169 DPT=6767 SEQ=732529407 ACK=0 WINDOW=5840 SYN URGP=0 MARK=0
> 
> 
> The main ip (fw/br0 is 176.31.224.222/24) and for the vm the provider want 
> the setup to be 
> 46.105.242.147/32
> 
> Look like I'm still missing one piece.


May we see the updated config and a dump?

Thanks,
-Tom
-- 
Tom Eastep        \ When I die, I want to go like my Grandfather who
Shoreline,         \ died peacefully in his sleep. Not screaming like
Washington, USA     \ all of the passengers in his car
http://shorewall.net \________________________________________________

signature.asc
Description: OpenPGP digital signature

------------------------------------------------------------------------------
Put Bad Developers to Shame
Dominate Development with Jenkins Continuous Integration
Continuously Automate Build, Test & Deployment 
Start a new project now. Try Jenkins in the cloud.
http://p.sf.net/sfu/13600_Cloudbees

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] Help with configuration bridge/kvm vnet host

Reply via email to