On Jan 19, 2008 8:25 PM, Tom Eastep <[EMAIL PROTECTED]> wrote: > I don't see anything wrong. Multicast packets are leaving your firewall > and you have a loc->fw ACCEPT policy so IGMP packets can reach the server. > > For the dump to be useful, the period of time covered by the dump must > include failures. Apparently there were none in the > 27 seconds covered by this dump.
Thanks for the prompt reply! Yes, I was hoping to have a small slice of time, to help isolate the problem. Maybe this is a clue: if I do: $ ping 224.0.0.1 I get: ping: sendmsg: Operation not permitted If I turn off shorwall, I don't get that message... I don't get anything back from ping, but that's probably another question, obviously unrelated to shorewall. I get the same thing when running the pulseaudio server... # pulseaudio --system -C E: sap.c: sendmsg() failed: Operation not permitted This last message repeats indefinitely, about once per second. The "sap.c" gives me the clue that multicast is implicated. I did both of these things (ping and pulseaudio) in those 27 seconds. I didn't see them in the DROP/REJECT tables either. Does shorewall flip any kernel switches that might turn off broadcast or multicast in a way that doesn't show up in the iptables? In other words, if my packets aren't getting caught in netfilter, what else might happen in "shorewall start" that causes the change in results? P.S. Just to be sure, I tried looking in sap.c to see what address(es) it uses, and found 224.0.0.56. Also, I looked at the RFC for SAP[1] and found this: "IPv4 global scope sessions use multicast addresses in the range 224.2.128.0 - 224.2.255.255 with SAP announcements being sent to 224.2.127.254 (note that 224.2.127.255 is used by the obsolete SAPv0 and MUST NOT be used)." But later in the same doc there is mention of using 239.x.y.z... which I also allowed in rules, but no difference. Thanks! [1] : http://tools.ietf.org/html/rfc2974 ------------------------------------------------------------------------- This SF.net email is sponsored by: Microsoft Defy all challenges. Microsoft(R) Visual Studio 2008. http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
