On 8/15/2015 4:27 PM, Tom Eastep wrote: > On 8/15/2015 1:05 PM, Valter Santos wrote: >> Tom, >> >> $ ip route ls >> >> default via 111.111.116.1 dev eth1 >> 10.128.0.0/11 <http://10.128.0.0/11> dev eth0 proto kernel scope link >> src 10.154.72.194 >> 10.234.56.0/24 <http://10.234.56.0/24> dev tun0 proto kernel scope >> link src 10.234.56.1 >> 169.255.30.1 dev eth0 scope link >> 111.111.116.0/22 <http://111.111.116.0/22> dev eth1 proto kernel scope >> link src 111.111.119.12 >> 111.111.116.1 dev eth1 scope link >> > > It appears that you have ROUTE_FILTER=Yes in shorewall.conf. Setting it > to No should resolve your issue. >
That's on Host A, of course. You may wish to set the route_filter option on the other interfaces (except for tun1). -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
