Tom Eastep wrote: > ... >> Jan 31 12:37:15 d205-206-104-186 kernel: >> Shorewall:all2all:REJECT:IN=eth1 OUT=eth0 SRC=10.0.50.144 >> DST=161.184.172.35 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=57267 DF >> PROTO=TCP SPT=4067 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0 >> ... > The destination host (161.184.172.35) is defined to be in the 'admin' > zone and loc->admin connections are disallowed by your configuration.
That's my cue to pop up and recommend that people explicitly define
every zone combination in their policy file so that sensible log
messages result:
http://linuxman.wikispaces.com/PPPPPPS#tocPPPPPPS3
--
Paul
<http://paulgear.webhop.net>
--
Did you know? Some on-line music services encourage you to share your
music with your friends legally. Find out more about ethical digital
music distribution: http://magnatune.com/info/whynotevil
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier. Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
