On Tuesday 08 April 2014 08.59:04 Tom Eastep wrote: > On 4/7/2014 3:38 AM, Bruno Friedmann wrote: > > > Meeee, I will never find a small enough hole to hide myself in it!!! > > My feeling of missing something evident confirmed, a big thanks Tom. > > > > After fixing the failure, I've tried the configuration. But I'm a bit > > puzzle by the log I get > > > > I'm seeing a lot of DROP for traffic in net2dmz but that shouldn't normally > > concern my vhost > > > > Apr 7 11:42:10 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 > > MAC=00:25:90:50:af:3c:6c:9c:ed:bb:bd:80:08:00 SRC=24.25.227.67 > > DST=176.31.224.27 LEN=59 TOS=00 PREC=0x00 TTL=238 ID=38975 DF PROTO=UDP > > SPT=62600 DPT=53 LEN=39 MARK=0 > > Apr 7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 > > MAC=02:00:00:11:69:43:6c:9c:ed:bb:bd:80:08:00 SRC=37.59.224.97 > > DST=176.31.32.135 LEN=123 TOS=00 PREC=0x00 TTL=61 ID=61237 DF PROTO=UDP > > SPT=40642 DPT=1200 LEN=103 MARK=0 > > Apr 7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 > > MAC=02:00:00:89:d7:f2:6c:9c:ed:bb:bd:80:08:00 SRC=193.57.110.171 > > DST=5.135.101.211 LEN=60 TOS=00 PREC=0x00 TTL=56 ID=23071 PROTO=TCP > > SPT=34510 DPT=80 SEQ=2564968756 ACK=0 WINDOW=65535 SYN URGP=0 MARK=0 > > Apr 7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 > > MAC=00:25:90:50:af:3c:6c:9c:ed:bb:bd:80:08:00 SRC=178.255.84.39 > > DST=176.31.224.27 LEN=74 TOS=00 PREC=0x00 TTL=52 ID=23876 PROTO=UDP > > SPT=30851 DPT=53 LEN=54 MARK=0 > > Apr 7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 > > MAC=00:25:90:50:af:3c:6c:9c:ed:bb:bd:80:08:00 SRC=212.54.41.229 > > DST=176.31.224.27 LEN=75 TOS=00 PREC=0x00 TTL=57 ID=36903 PROTO=UDP > > SPT=55191 DPT=53 LEN=55 MARK=0 > > Apr 7 11:42:11 obione SHw4:net2dmz:DROP: IN=br0 OUT=br0 > > MAC=00:25:90:53:4d:e4:6c:9c:ed:bb:bd:80:08:00 SRC=188.165.253.24 > > DST=176.31.224.190 LEN=60 TOS=00 PREC=0x00 TTL=62 ID=27903 DF PROTO=TCP > > SPT=39169 DPT=6767 SEQ=732529407 ACK=0 WINDOW=5840 SYN URGP=0 MARK=0 > > > > > > The main ip (fw/br0 is 176.31.224.222/24) and for the vm the provider want > > the setup to be > > 46.105.242.147/32 > > > > Look like I'm still missing one piece. > > May we see the updated config and a dump? > > Thanks, > -Tom > Here's the tgz of the adapted configuration.
+one dump before the vm is on vm.off.gz All expected incoming traffic or blocked on the main host (fw) is working as expected. +one dump after the vm is started vm.on.gz In system log I found : avr 11 14:26:27 obione kernel: xt_CT: No such helper "ftp-0" avr 11 14:26:27 obione kernel: xt_CT: No such helper "irc-0" avr 11 14:26:27 obione kernel: xt_CT: No such helper "sane-0" avr 11 14:26:27 obione kernel: xt_CT: No such helper "sip-0" avr 11 14:26:27 obione kernel: xt_CT: No such helper "tftp-0" And immediately after starting the vm, the ULOG file are full of traffic like shown above. -- Bruno Friedmann Ioda-Net Sàrl www.ioda-net.ch openSUSE Member & Board GPG KEY : D5C9B751C4653227 irc: tigerfoot ~~~Don't take Life too serious. Nobody gets out alive anyway!~~~ ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
