Rich Wales wrote: > > The attached Shorewall dump should be capturing what happened when I > did "telnet 172.31.53.5 http" (and successfully connected) from a host > on my LAN (172.29.0.29). I'm confused that the dump doesn't seem > to show ANY PACKETS AT ALL being processed for port 80 on the domU > (172.31.53.5). Is it possible that something is still broken with the > networking in my Xen configuration, and that traffic between my LAN and > my domU's is completely bypassing Shorewall?
No. You have not defined eth5:172.31.53.5 to be part of any zone. To compensate for this inadequate zone definition, you have configured an all->all policy of ACCEPT! That policy is allowing anything from anywhere to anywhere. -Tom -- Tom Eastep \ Nothing is foolproof to a sufficiently talented fool Shoreline, \ http://shorewall.net Washington USA \ [EMAIL PROTECTED] PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2005. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
