On 7/9/20 8:57 AM, Vieri Di Paola wrote:
> Hi,
>
> I've captured a dump while trying to ping host with IP addr.
> 10.215.246.24 from host with IP addr. 10.215.144.251.
> Both are within the same zone 'lan1', but they have different network settings.
>
> The host with IP addr. 10.215.246.24 is a Windows Server with these settings:
>
> netmask 255.255.254.0
> default gateway 10.215.246.91 (Shorewall Firewall)
>
> The host with IP addr. 10.215.144.251 is a Linux machine with these settings:
>
> netmask 255.255.254.0
> default gateway 10.215.144.91 (Shorewall Firewall)
>
> From the Shorewall Firewall I can ping any one of these two hosts.
>
> The Linux host can ping 10.215.144.91, but it cannot ping
> 10.215.246.91 or any other IP addr. in the 10.215.246.x-10.215.247.x
> range.
> When it tries to ping a host in that range (eg. 10.215.246.24) then I
> see this on the Shorewall Firewall:
>
> # tcpdump -n -i lan.1 host 10.215.246.24 and host 10.215.144.251
> dropped privs to tcpdump
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on lan.1, link-type EN10MB (Ethernet), capture size 262144 bytes
> 17:36:57.093732 IP 10.215.144.251 > 10.215.246.24: ICMP echo request,
> id 224, seq 256, length 40
>

Do you see each packet twice (once inbound and once outbound)?

-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster
Shoreline,         \     with an international standard?
Washington, USA     \ A: Someone who makes you an offer you
http://shorewall.org \   can't understand
                      \________________________________________

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users