Scott Ruckh wrote:

> 
> Oct 15 00:25:17 shorewall-host Shorewall:inet2all:DROP: IN=eth2 OUT= MAC=
> SRC=a.b.c.d DST=239.255.67.250 LEN=172 TOS=00 PREC=0x00 TTL=1 ID=0 DF
> PROTO=UDP SPT=48421 DPT=16680 LEN=152
> 
> This is not the same log from above, but it still applies.  The source IP
> address is the IP address given to me by my ISP.
> 
>> b) Understand the physical topology of the network.
> 
> 3-network interface configuration. eth2=inet zone
> 
>> c) Understand the definitions of the zones involved (do you really have
>> both 'net' and 'inet' zones?).
> 
> Nope this was me providing poor information.  A good catch on your part. 
> My internet zone is actually inet, but as everyone uses net I was trying
> to comply, but instead made things more confusing.
> 
>> d) Understand your routing.
> Fairly typical 3-interface configuration.  The policy going out for all
> zones is Accept.  Policy for inbound traffic is to block all.  Inbound
> connections are controlled through rules.
> 
> I don't understand why my inet zone is the source address and the
> destination is a non-defined address (presumably an internet address), and
> the traffic is going through the firewall and being blocked.  Obviously I
> do not see much of this type of traffic, and do not understand what is
> going on.

Your firewall is sending a multi-cast (which it is also receiving) and
it is getting logged (the destination IP is in 224.0.0.0/4). This
usually means that you need to set PKTTYPE=No in shorewall.conf as your
Netfilter 'pkttype' implementation is not matching that packet as
multi-cast.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ [EMAIL PROTECTED]
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key
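
Added example, not part of the original thread and not Shorewall code: a Python sketch that parses Netfilter log lines in the format quoted above and flags entries whose DST falls in 224.0.0.0/4, the multicast case the reply describes. The function names and the second sample line are constructed for illustration.

```python
import ipaddress
import re

MULTICAST = ipaddress.ip_network("224.0.0.0/4")

# Log prefix as it appears in the quoted line: Shorewall:<chain>:<disposition>:
PREFIX_RE = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<disposition>[A-Z]+):")

SAMPLE = [
    # The line from the thread, re-joined (SRC was redacted by the poster).
    "Oct 15 00:25:17 shorewall-host Shorewall:inet2all:DROP: IN=eth2 OUT= MAC= "
    "SRC=a.b.c.d DST=239.255.67.250 LEN=172 TOS=00 PREC=0x00 TTL=1 ID=0 DF "
    "PROTO=UDP SPT=48421 DPT=16680 LEN=152",
    # Constructed unicast drop, for contrast.
    "Oct 15 00:26:02 shorewall-host Shorewall:inet2all:DROP: IN=eth2 OUT= MAC= "
    "SRC=192.0.2.10 DST=198.51.100.7 LEN=60 TOS=00 PREC=0x00 TTL=52 ID=4411 DF "
    "PROTO=TCP SPT=40112 DPT=23",
]


def parse_line(line):
    """Return chain, disposition and Netfilter fields as a dict, or None."""
    m = PREFIX_RE.search(line)
    if not m:
        return None
    entry = {"chain": m.group("chain"), "disposition": m.group("disposition")}
    for token in line[m.end():].split():
        key, sep, value = token.partition("=")
        # Bare flags such as DF have no '='; store them as True.
        # setdefault keeps the first LEN (IP length) when the UDP LEN follows.
        entry.setdefault(key, value if sep else True)
    return entry


def is_multicast_drop(entry):
    """True when the logged packet's DST lies in 224.0.0.0/4."""
    if entry is None:
        return False
    try:
        dst = ipaddress.ip_address(str(entry.get("DST", "")))
    except ValueError:
        return False  # redacted or malformed address
    return dst in MULTICAST


def multicast_drops(lines):
    """Return (DST, PROTO, DPT) for every logged packet sent to multicast."""
    entries = [e for e in map(parse_line, lines) if is_multicast_drop(e)]
    return [(e["DST"], e.get("PROTO"), e.get("DPT")) for e in entries]


if __name__ == "__main__":
    for hit in multicast_drops(SAMPLE):
        print("multicast destination logged:", hit)
```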
