On 07/21/2017 06:31 AM, kazabe wrote: > HI. > > this is the shorewall dump
In the future, please send dumps as an attachment. It's a pain trying to read a dump that is folded to a 76-character width. Thanks. > > Shorewall 5.1.4.1 Dump at CompanyFirewall - vie jul 21 08:22:37 -05 2017 > > Shorewall is running > State:Started dom jul 16 10:37:02 -05 2017 from /etc/shorewall/ > (/var/lib/shorewall/firewall compiled jue jul 6 07:56:38 -05 2017 by > Shorewall version 5.1.4.1) > > Jul 21 08:22:37 sfilter DROP IN=eth1 OUT=eth1 SRC=192.168.201.84 > DST=200.13.224.254 LEN=64 TOS=0x00 PREC=0x00 TTL=127 ID=15698 > PROTO=UDP SPT=62499 DPT=53 LEN=44 > Jul 21 08:22:37 loc-net ACCEPT IN=eth0 OUT=eth1 SRC=192.168.1.56 > DST=8.8.8.8 LEN=65 TOS=0x00 PREC=0x00 TTL=127 ID=4392 PROTO=UDP > SPT=54314 DPT=53 LEN=45 > Jul 21 08:22:37 sfilter DROP IN=eth1 OUT=eth1 SRC=192.168.1.51 > DST=200.13.249.101 LEN=61 TOS=0x00 PREC=0x00 TTL=127 ID=26603 > PROTO=UDP SPT=56996 DPT=53 LEN=41 > Jul 21 08:22:37 sfilter DROP IN=eth1 OUT=eth1 SRC=192.168.1.51 > DST=200.13.224.254 LEN=61 TOS=0x00 PREC=0x00 TTL=127 ID=26604 > PROTO=UDP SPT=56996 DPT=53 LEN=41 > > IP Configuration > > 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN > inet 127.0.0.1/8 scope host lo > 2: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen > 1000 > inet 64.64.64.64/30 brd 190.248.94.223 scope global eth1 > 3: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP qlen > 1000 > inet 192.168.1.1/24 brd 192.168.1.255 scope global eth0 > inet 192.168.201.1/24 brd 192.168.201.255 scope global eth0:0 Note that 192.168.1.51 should interface via eth0, yet the packets from that host are entering the firewall on eth1! So it looks like you may have both of the firewall's interfaces connected to the same switch. -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
