Scott Ruckh wrote: > I have the following in my logs. > > Src Dest Proto Sport Dport Date > Log Prefix > a.b.c.d 239.255.67.250 udp 48421 16680 10/14/06 21:47 > Shorewall:inet2all:DROP: > > The source IP address is my ISP assigned address on my 'net' interface. > > Why do I have inet2all DROP log messages where the source IP is my 'net' > interface? > > If the DROP was because the DEST IP address was my ISP assigned address > that would make sense to me, but in this case I am not understanding what > is going on. > > I hope this type of question does not warrant all the stuff mentioned in > the shorewall help documentation. If it does, I apologize.
There isn't enough here for me to answer the question. At the very least, I need to: a) See the original log message, not one that's been put through a report-generation tool. Information like the IN and OUT interfaces are missing from what you sent. b) Understand the physical topology of the network. c) Understand the definitions of the zones involved (do you really have both 'net' and 'inet' zones?). d) Understand your routing. Sorry, -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
