On Wed, 2007-05-09 at 16:05 -0700, Tom Eastep wrote: > Brian J. Murrell wrote: > > On Wed, 2007-05-09 at 07:23 -0700, Tom Eastep wrote: > >> Brian J. Murrell wrote: > >> > >>> Any ideas? > >>> > >> "shorewall dump" output, please. > > > > [ sent ] > > > > But I was looking (with tcpdump) at what was leaving the ppp0 interface > > and noticed that there are packets with a source address of the vlan2 > > interface leaving, which is wrong. So to the nat table I go and see > > this: > > > > Chain POSTROUTING (policy ACCEPT 1862 packets, 195K bytes) > > pkts bytes target prot opt in out source > > destination > > 0 0 ppp0_masq all -- * ppp0 0.0.0.0/0 > > 0.0.0.0/0 > > 10773 912K vlan2_masq all -- * vlan2 0.0.0.0/0 > > 0.0.0.0/0 > > > > It seems that no packets are matching that "out: ppp0" rule, although I > > can most definitely see packets leaving that interface with tcpdump. > > Only packets in the NEW state traverse the nat table.
I wonder if this was my problem all along. It does seem to be gone now. What I was attempting this morning, with SSH seems to have disappeared and is working just fine now. b. -- My other computer is your Microsoft Windows server. Brian J. Murrell
signature.asc
Description: This is a digitally signed message part
------------------------------------------------------------------------- This SF.net email is sponsored by DB2 Express Download DB2 Express C - the FREE version of DB2 express and take control of your XML. No limits. Just data. Click to get it now. http://sourceforge.net/powerbar/db2/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
