OK, sorry for the typos. I was in a hurry to get out of my office and back
home to see if I can get this thing figured out. I know that there is no
UPD, and that it is UDP, and I know that I fat-fingered the IP. I never said
anything about knowing what rule was blocking the traffic, just that it is
being blocked, and I can tell because the weblet shows the ports it blocked
traffic from.

Hits port  Service
77   27015 CS
aids Shorewall:net2all:DROP: IN=eth0 OUT=
MAC=00:50:fc:99:90:89:00:01:5c:22:02:82:08:00 SRC=172.192.116.7
DST=12.212.68.51 LEN=38 TOS=00 PREC=0x00 TTL=114 ID=4266 PROTO=UDP SPT=1219
DPT=27015 LEN=18 

I also did try 1a and 1b from the FAQ, still with no luck. I know the local
machine is accepting traffic on that port because from inside the network we
can connect, and if I remove the firewall everyone can connect. Also, my ISP
does not block the port.

I am pretty sure that I have missed something simple; nevertheless, I'm
stuck. Thanks for your help.

-----Original Message-----
From: Ray Olszewski
To: Leaf User List
Sent: 12/17/2003 8:05 PM
Subject: RE: [leaf-user] opening UPD ports Bering with shorewall

At 07:46 PM 12/17/2003 -0800, Tom Eastep wrote:
>On Wed, 17 Dec 2003, Dalziel, Josh wrote:
>
> > That is what I put into my rules file and it's still being blocked by the
> > firewall :(
>
>Please post the output of "shorewall show nat" as a text attachment.
>
>And please don't reply off-list.


Actually, I'd suggest he provide (to the list) a bit more ... also

         A. a sample of the log entries he's seeing that indicate the
packets are blocked (the log entries do usually have information about what
rule is doing the blocking, and but the default table's FORWARD chain, or a
chain it hands off to, still needs to ACCEPT the relevant traffic)

         B. the ruleset in the default table, not just the nat table (I 
don't remember the Shorewall command for that, but it is in the SR FAQ).

A few thoughts I had, about possible small errors that the original poster
might miss, after seeing the original posting --

1. Is "the" FAQ that he "fallowed ... to a T" the Shorewall FAQ, item 1? If
so, what did he learn when he followed steps 1a and 1b as described there?

2. There is no protocol called "UPD" or "upd". There is udp. Since he got
it right in the original e-mail only once out of three tries ... might this
be a typo in what he actually did (and not just in his e-mail)?

3. Is "192.186.1.3:27015" really where he wants the traffic to go, or is
this a typo for "192.168.1.3:27015"? If it is a typo, might it also be
wrong in the rule he actually entered?

------------------------------------------------------------------------
leaf-user mailing list: [EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/leaf-user
SR FAQ: http://leaf-project.org/pub/doc/docmanager/docid_1891.html
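
An added example, not part of either message above and not Shorewall's own code: a small Python parser for the log entry quoted in the reply, showing what the entry records about the chain doing the blocking. It relies on standard netfilter LOG behaviour (IN= set with OUT= empty means the packet was filtered on the INPUT hook); the function names are illustrative.

```python
import re

# Log entry as quoted in the message above, including the mail client's line wraps.
SAMPLE = """aids Shorewall:net2all:DROP: IN=eth0 OUT=
MAC=00:50:fc:99:90:89:00:01:5c:22:02:82:08:00 SRC=172.192.116.7
DST=12.212.68.51 LEN=38 TOS=00 PREC=0x00 TTL=114 ID=4266 PROTO=UDP SPT=1219
DPT=27015 LEN=18"""

# Prefix layout as it appears in that entry: Shorewall:<chain>:<disposition>:
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disposition>[^:\s]+):")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse_entry(text):
    """Return chain, disposition and packet fields of one log entry, or None."""
    line = " ".join(text.split())          # undo line wrapping
    m = PREFIX.search(line)
    if m is None:
        return None
    fields = {}
    for key, value in FIELD.findall(line[m.end():]):
        fields.setdefault(key, value)      # keep the first LEN (the IP length)
    return {"chain": m["chain"], "disposition": m["disposition"], "fields": fields}

def hook_of(fields):
    """Infer the netfilter hook from which interface fields are populated."""
    has_in, has_out = bool(fields.get("IN")), bool(fields.get("OUT"))
    if has_in and has_out:
        return "FORWARD"                   # routed through the firewall
    if has_in:
        return "INPUT"                     # addressed to the firewall itself
    return "OUTPUT" if has_out else "UNKNOWN"

def explain(text):
    """One-line summary of which chain acted on the packet and on which hook."""
    entry = parse_entry(text)
    if entry is None:
        return "not a Shorewall log entry"
    f = entry["fields"]
    hook = hook_of(f)
    # DNAT runs before routing: a redirected packet would be logged with
    # OUT=<iface> and the internal DST, so an INPUT hit was not rewritten.
    note = " (destination not rewritten by DNAT)" if hook == "INPUT" else ""
    return "%s by chain %s on %s: %s %s:%s%s" % (
        entry["disposition"], entry["chain"], hook,
        f.get("PROTO", "?"), f.get("DST", "?"), f.get("DPT", "?"), note)
```

Calling `explain(SAMPLE)` reports the net2all chain dropping the packet on INPUT, still addressed to the external address rather than to an internal host.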

