Hi,

If my rules allow HTTP and HTTPS access (ports 80, 443) with an ACCEPT
rule such as the following

ACCEPT    lan1:10.215.144.0/23    wan    tcp,udp    80,443

I'd like to know why I am seeing the following in the shorewall log
when a user accesses a web page:

kernel: Shorewall:wan-lan1:DROP:IN=wan OUT=lan.1
MAC=ac:1f:6b:9b:85:06:30:85:a9:8e:b6:ab:08:00 SRC=<EXTERNAL_IP_ADDR>
DST=10.215.144.48 LEN=103 TOS=0x00 PREC=0x00 TTL=63 ID=63665 DF
PROTO=TCP SPT=443 DPT=58011 WINDOW=140 RES=0x00 ACK PSH FIN URGP=0

Why is this packet dropped?
I'm expecting it to be an HTTPS reply, which should be allowed by the
above rule.
What can I do to debug this?

Regards,

Vieri


_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
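
As a first debugging step for the entry quoted in the post, the sketch below (an added example, not part of the original message and not Shorewall code) parses a log line of that shape and reports which chain logged the packet, which way it was travelling, and whether it could be the first packet of a connection. It assumes the `Shorewall:<chain>:<disposition>:` prefix and the `-` zone separator seen in the post; the function names and the substituted source address are constructed for illustration.

```python
import re

# Constructed sample: the log entry from the post joined onto one line, with the
# redacted source address replaced by a documentation-range address.
SAMPLE = ("kernel: Shorewall:wan-lan1:DROP:IN=wan OUT=lan.1 "
          "MAC=ac:1f:6b:9b:85:06:30:85:a9:8e:b6:ab:08:00 SRC=203.0.113.10 "
          "DST=10.215.144.48 LEN=103 TOS=0x00 PREC=0x00 TTL=63 ID=63665 DF "
          "PROTO=TCP SPT=443 DPT=58011 WINDOW=140 RES=0x00 ACK PSH FIN URGP=0")

PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disposition>[A-Z]+):")
TCP_FLAGS = {"SYN", "ACK", "PSH", "FIN", "RST", "URG", "ECE", "CWR"}


def parse_entry(line):
    """Split one log line into chain, disposition, KEY=VALUE fields and TCP flags."""
    m = PREFIX.search(line)
    if m is None:
        return None  # not a Shorewall entry in the assumed format
    tokens = line[m.end():].split()
    return {
        "chain": m["chain"],
        "disposition": m["disposition"],
        "fields": dict(t.split("=", 1) for t in tokens if "=" in t),
        "flags": {t for t in tokens if t in TCP_FLAGS},
    }


def describe(entry):
    """Summarise what the entry says about direction and connection state."""
    f, flags = entry["fields"], entry["flags"]
    src_zone, _, dst_zone = entry["chain"].partition("-")
    # Only a SYN without ACK can open a TCP connection. Anything else is a
    # mid-stream packet: a rule written for new connections never sees it,
    # and it is accepted only if connection tracking still knows the flow.
    opens = f.get("PROTO") == "TCP" and "SYN" in flags and "ACK" not in flags
    return {
        "zones": (src_zone, dst_zone),
        "disposition": entry["disposition"],
        "flow": f"{f.get('SRC')}:{f.get('SPT')} -> {f.get('DST')}:{f.get('DPT')}",
        "opens_connection": opens,
    }


if __name__ == "__main__":
    print(describe(parse_entry(SAMPLE)))
```

For the quoted entry this reports zones `wan` to `lan1` and `opens_connection` false: the packet travels in the opposite direction to the `lan1` to `wan` ACCEPT rule and is not a connection-opening SYN.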
