Hi,
I think you will find that this is broadcast traffic on the green LAN.  The 
firewall rule that will be causing this to be dropped will be in the system 
access rules.  I wouldn't worry about it if I were you.  Also, setting the 
allow green to green - forward any only has any effect if you have more than 
one green interface in your system.

Kevin


-----Original Message-----
From: <russ...@aol.com>
Sent: Thursday, December 16, 2010 4:28
To: efw-user@lists.sourceforge.net
Subject: [Efw-user] Inter-Zone Firewall Blocking Traffic on Green (Port 137/138)

 

I'm using the default inter-zone traffic settings for the firewall, which shows 
it allows GREEN -> GREEN ANY.  However, I am logging blocked packets on the 
firewall, and I see this:
 
 INPUTFW:DROP UDP (br0) 192.168.1.199:137 -> 192.168.1.255:137
 
 It seems it is still blocking inter-zone traffic - the GREEN interface is 
configured on the 192.168.1.0/24 subnet.
 
 Anyone have any ideas how to stop this?  It even happens if I turn off the 
inter-zone firewall altogether.  The only thing that looks different in the 
logs to me is that blocked traffic from the uplink states INPUT:DROP, whereas 
these inter-zone logs say INPUTFW:DROP.
 
 I tried adding IP addresses specifically to the inter-zone firewall as well, 
setting it to allow FROM 192.168.7.199 to 192.168.7.255 on TCP+UDP ports 
137/138, and it still shows that it drops them.
 
 I've tried turning off services such as IPS as well, without any luck.  Does 
anyone have any idea at all?  If you look at your logs, do you see these 
dropped packets as well?  Just running a simple 'net view /domain' on a Windows 
box on green will force it to make the attempt, and for me it generates the 
dropped packets in the live firewall log every time.
 
 The way the hardware is configured is eth0 (which automatically runs as br0) 
is green, and eth1 is red, if it makes a difference.


_______________________________________________
Efw-user mailing list
Efw-user@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/efw-user
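
An added example (not from either post and not Endian's own code): this Python sketch parses drop-log lines in the layout quoted in the thread and separates GREEN subnet-broadcast NetBIOS drops, which Kevin's reply attributes to the system access rules, from other input-side drops. The green subnet 192.168.1.0/24 and the first sample line come from the post; the remaining sample lines, the labels and the function names are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Layout as quoted in the post: CHAIN:ACTION PROTO (iface) src:port -> dst:port
LINE_RE = re.compile(
    r"(?P<chain>[A-Z]+):(?P<action>[A-Z]+)\s+(?P<proto>[A-Z]+)\s+\((?P<iface>[^)]+)\)\s+"
    r"(?P<src>[\d.]+):(?P<sport>\d+)\s+->\s+(?P<dst>[\d.]+):(?P<dport>\d+)"
)
NETBIOS_PORTS = {137, 138}  # NetBIOS name service and datagram service
LIMITED_BROADCAST = ipaddress.ip_address("255.255.255.255")


def classify(line, green_net):
    """Return a short label explaining one dropped-packet log line."""
    m = LINE_RE.search(line)
    if not m:
        return "unparsed"
    net = ipaddress.ip_network(green_net)
    src = ipaddress.ip_address(m["src"])
    dst = ipaddress.ip_address(m["dst"])
    # Assumption: chain names starting with INPUT log traffic handled by the
    # firewall host itself (system access), not traffic forwarded between zones.
    if not m["chain"].startswith("INPUT"):
        return "not-input-chain"
    if src not in net:
        return "input-other"
    if dst != net.broadcast_address and dst != LIMITED_BROADCAST:
        return "green-to-firewall"
    if m["proto"] == "UDP" and int(m["dport"]) in NETBIOS_PORTS:
        return "green-broadcast-netbios"
    return "green-broadcast-other"


def summarize(lines, green_net):
    """Count log lines per label."""
    return dict(Counter(classify(line, green_net) for line in lines))


# Constructed sample: the first line is quoted in the post, the rest are invented.
SAMPLE = [
    "INPUTFW:DROP UDP (br0) 192.168.1.199:137 -> 192.168.1.255:137",
    "INPUTFW:DROP UDP (br0) 192.168.1.50:138 -> 192.168.1.255:138",
    "INPUTFW:DROP TCP (br0) 192.168.1.50:51512 -> 192.168.1.1:8080",
    "INPUT:DROP TCP (eth1) 203.0.113.7:40000 -> 198.51.100.2:23",
]

if __name__ == "__main__":
    for label, n in sorted(summarize(SAMPLE, "192.168.1.0/24").items()):
        print(f"{n:3d}  {label}")
```

The broadcast test depends on the netmask passed in, so the subnet given must match the GREEN interface configuration for the labels to be meaningful.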
