On 11/20/2014 00:42 AM, Tom Eastep wrote:
No -- but they are pretty obvious. Given the error message you are
seeing, something you are doing requires the IP address of eth0. Some
possibilities are:
- You are calling find_first_interface_address() in your params file
- You have used "ð0" or "%eth0" in one of your files
- You have used "detect:" in a rule.
- You have entered "detect" in the ADDRESS column in the masq file
Thanks Tom, and yes, that seems to be it. I have the Address column in
masq as detect, probably for historical reasons from when I was setting
it up in a test environment. That interface now has 17 IP addresses
(recently increased from 9), 16 associated with DNAT rules. So masq
would have been using them all as masqueraded adresses, which is not
what I intended.
Regards - Philip
------------------------------------------------------------------------------
Download BIRT iHub F-Type - The Free Enterprise-Grade BIRT Server
from Actuate! Instantly Supercharge Your Business Reports and Dashboards
with Interactivity, Sharing, Native Excel Exports, App Integration & more
Get technology previously reserved for billion-dollar corporations, FREE
http://pubads.g.doubleclick.net/gampad/clk?id=157005751&iu=/4140/ostg.clktrk
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
