Ismael Milach da Silveira wrote: > odd... i did it again, and it showed some traffic now. > > ############################################## > [EMAIL PROTECTED] doctor]$ /sbin/ifconfig > eth0 Link encap:Ethernet HWaddr 00:02:55:58:5E:C6 > inet addr:192.168.200.1 Bcast:192.168.200.255 Mask:255.255.255.0 > UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 > RX packets:38643181 errors:0 dropped:0 overruns:0 frame:0 > TX packets:38547925 errors:0 dropped:0 overruns:0 carrier:0 > collisions:0 txqueuelen:1000 > RX bytes:991136881 (945.2 Mb) TX bytes:197020047 (187.8 Mb) > Interrupt:27 Base address:0x2000 > > [EMAIL PROTECTED] doctor]$ wget www.doctornet.com.br/matrix.zip > --15:04:21-- http://www.doctornet.com.br/matrix.zip > => `matrix.zip.2' > Resolving www.doctornet.com.br... done. > Connecting to www.doctornet.com.br[201.3.160.245]:80... connected. > HTTP request sent, awaiting response... 200 OK > Length: 199,947,030 [application/zip]
Wait a minute -- traffic leaving the firewall through interface eth1 should never have source IP 192.168.200.1 -- it will have destination address 192.168.200.1. So you marking rules are screwed up.... -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys - and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
