-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 06/15/2017 02:10 AM, Vieri Di Paola via Shorewall-users wrote: > Hi, > > I'm trying to update to shorewall 5.1 with a config that is > *supposedly* working with 5.0. > > In any case, I'm trying to ping from a host in lan zone with IP > addr. 10.215.144.48 to a host in IBS zone with IP addr. > 10.215.9.172. ICMP traffic should be allowed but the client isn't > receiving any replies. I'm attaching the shorewall dump. > > /var/log/shorewall/info.log only has messages of this kind when > restarted: > > Jun 15 07:52:10 inf-fw2 root[32520]: Shorewall Stopped Jun 15 > 07:52:11 inf-fw2 root[900]: Shorewall started > > /var/log/shorewall-init.log doesn't seem to contain any error > messages. > > Please note that this shorewall box was supposed to replace another > one with the same IP address (it's the default gateway/firewall). > So I merely unplugged the ethernet cables from the "old" shorewall > box and plugged them into the new one. It didn't occurr to me to > try and ping $FW from a lan host or connect via ssh. However, from > within the $FW console I could ping to any host IP addresses in all > "zones". > > > The switch happened at 07:45:05 and had to revert to the old FW at > 07:52:11 because the users were already complaining. > > Could there be an arp cache issue? >
Definitely. - -Tom - -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJZQp9PAAoJEJbms/JCOk0QgPkQALM7W8/+2O6en5s3t0Ht1kaJ /9rOybfR5OiyVT+Xm+ENNA0yVaF1eOMwQnCHujMkPmzfT1TqDs3WUEepfVod+Jlx fl8UZ67GzML84AZGRlwsBKmivr7NMSXcV541Y+LsUvjfEEI+PY+oJOw5Dtm6Lb5H iVgxp5wahEZ4e4H8gT9R682+sTK81TF8srLhcdziDOfanqvaFeBsp79V7FaXT5as UX1Duls+mnS2IW3BcFTLfVrY/WhFdh8fdpvpD/g146q46HTD9UBkbRv3TskADSC3 5p7olKJUnrdStpMMkYj30oj/d0KwdVM2jpGPtP/EGX3RY9bQ2W0pEVYEYfyF5Ajk yzb9NOnS6rqtjhsniVQixe5sSUFPjyFo74+He8+peYd/LI26xMiXclNfeJgMPJ1U VvrAfm8P7ePeDUH2oT3zFi23NmMRGvktYPwwv1TWpGB4FFZvegVBl15j/462Gi9Y w0yT825SXZaHSLJUr3D6WuqCFfSo8B+1FH5CK/baAFjtKJTCqWc0lp5gxQHBsJBt 3Mf+NGTbYjWBcQMEfVL73zHlCTwAfEea3AA8cpXbmXyOwkbbRi+jFbznln0TeVRu tVqNLIwuM4TAcKEtoOTnmeI0CrccsRU4SNxw7Z3rlaxIQZ2CAtU3PEN1sOkJNCQK HeireObtlcNkbUEP5LAl =Rf1b -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
