Rich Wales wrote: > I'm trying to replace my current firewall at home (a FreeBSD box using PF) > with Shorewall. However, for some reason I'm unable to get the new > firewall > to talk to the Internet. > > See the attached output from "shorewall dump". My local network is using > 172.29.0.0/24, with an experimental DMZ on 172.29.11.0/24. I have four > static public IP addresses (171.66.155.243 - 171.66.155.246). > > As best I can tell from the "shorewall dump" output, it looks like I'm not > getting any inbound packets from the Internet at all. Lots of stuff is > being sent out to the Internet, but nothing is coming back (e.g., no TCP > connections are being set up, and UDP services like NTP and DNS are not > receiving any replies to queries). > > When I reconnected my current firewall, everything starting working again > just fine. > > Any ideas?
Sounds like a stale ARP cache problem in the upstream router. I presume that "shorewall clear" doesn't improve the situation? -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- Take Surveys. Earn Cash. Influence the Future of IT Join SourceForge.net's Techsay panel and you'll get the chance to share your opinions on IT & business topics through brief surveys-and earn cash http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
