darrin.tho...@123mail.org wrote: > I do see plenty of these > > Mar 14 08:31:21 rbox kernel: [53995.695471] SW:[P4]wifi02net:ACCEPT > IN=wlan0 OUT=enp1s0 SRC=10.128.128.200 DST=8.8.8.8 LEN=63 TOS=0x00 PREC=0x00 > TTL=63 ID=27812 DF PROTO=UDP SPT=15906 DPT=53 LEN=43 > > Mar 14 08:31:21 rbox kernel: [53995.809845] SW:[P4]wifi02net:ACCEPT > IN=wlan0 OUT=enp1s0 SRC=10.128.128.200 DST=8.8.4.4 LEN=73 TOS=0x00 PREC=0x00 > TTL=63 ID=27824 DF PROTO=UDP SPT=23073 DPT=53 LEN=53 > > which clearly shows traffic going out the physical ethernet through my ISP > connection, but no other traffic.
Being pedantic, it shows the packet being matched by a rule or policy. A packet sniffer would show if it was actually going out through the interface. The first thing that comes to mind is ... do you have an entry in masq that will change the source address ? That's bitten me more than once :-( ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
