"Art Beane" <[EMAIL PROTECTED]> writes: > SBC (formerly Southwestern Bell) has begun routing addresses in the > 70.240.0.0 - 70.240.255.255 address range onto the public Internet. One of > my user's DSL link has been reassigned into that range. I've had the > untrusted/WAN interface on mnf8.2 set to NORFC1918 and discovered that these > addresses are being blocked: > > May 25 14:46:34 firewall kernel: Shorewall:rfc1918:DROP:IN=eth1 OUT=eth0 > SRC=70.240.xxx.xxx DST=192.168.xxx.xxx LEN=48 TOS=0x00 PREC=0x00 TTL=111 > ID=6403 DF PROTO=TCP SPT=1076 DPT=25 WINDOW=64240 RES=0x00 SYN URGP=0 > May 25 14:56:11 firewall kernel: Shorewall:rfc1918:DROP:IN=eth1 OUT=eth0 > SRC=70.240.xxx.xxx DST=192.168.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=239 > ID=26257 DF PROTO=TCP SPT=4710 DPT=143 WINDOW=0 RES=0x00 ACK RST URGP=0 > > I've shut off the NORFC1918 on the interface, so the user can now connect to > his email. But, I'd like to get this resolved and get RFC1918 blocking > turned back on. > > 1) Why is MNF treating 70/8 network as RFC1918? > 2) Is there a way to make RFC1918 blocking strictly adhere to 10/8, > 172.16/12 and 192.168/16? > > Thanks for any help.
What shorewall version are we talking about ? -- Florin Grad http://www.mandrakesoft.com http://people.mandrakesoft.com/~florin/
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________
