Hi,

I've captured a dump while trying to ping host with IP addr.
10.215.246.24 from host with IP addr. 10.215.144.251.
Both are within the same zone 'lan1', but they have different network settings.

The host with IP addr. 10.215.246.24 is a Windows Server with these settings:

netmask 255.255.254.0
default gateway 10.215.246.91  (Shorewall Firewall)

The host with IP addr. 10.215.144.251 is a Linux machine with these settings:

netmask 255.255.254.0
default gateway 10.215.144.91   (Shorewall Firewall)

From the Shorewall Firewall I can ping any one of these two hosts.

The Linux host can ping 10.215.144.91, but it cannot ping
10.215.246.91 or any other IP addr. in the 10.215.246.x-10.215.247.x
range.
When it tries to ping a host in that range (e.g. 10.215.246.24) then I
see this on the Shorewall Firewall:

# tcpdump -n -i lan.1  host 10.215.246.24 and host 10.215.144.251
dropped privs to tcpdump
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on lan.1, link-type EN10MB (Ethernet), capture size 262144 bytes
17:36:57.093732 IP 10.215.144.251 > 10.215.246.24: ICMP echo request, id 224, seq 256, length 40

Any other host in the 10.215.246.x-10.215.247.x range can however ping
hosts in the 10.215.144.x-10.215.145.x range in the 'lan1' zone.
So there's something fishy with this Linux host.

Any suggestions?

The Shorewall dump is here:

https://drive.google.com/file/d/1EVOWDi5GvwEB_hvOW6twplPO6YZhy-3q/view?usp=sharing

Regards,

Vieri


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
