Hi,

I'm running shorewall 4.0.13 on Ubuntu 8, and everything has been smooth and easy so far. Thanks a lot. Shorewall runs on my home server, which acts both as a firewall/router and as an application server. It's got two active ethernet ports for zones local and network, and (due to VMware2 on the server) some virtual network ports.

However, after playing around with shorewall's settings I found that mDNS didn't work anymore. I've got avahi on the server, and both the server itself and clients on my network couldn't resolve .local domains anymore. There was nothing in the shorewall logs (I've got the last REJECT rule log with level INFO), but I made sure that the logging worked by accessing some strange ports somewhere, which promptly showed up in the log files. Nothing wrong with logging.

After some serious frustration I switched off shorewall completely, allowing all traffic between all hosts. Et voilà, mDNS worked like a charm.

One of my tweaks of the shorewall settings was to enable the perl compiler, which was said to generate more effective and compact rules. Switching it back to "shell" in fact helped me with my mDNS problems; it's working again now.

So, what did I do wrong here? I enabled multicasting in shorewall.conf and had an "allow all" rule for ICMP. Are you aware of any issues regarding mDNS?

For the record: mDNS uses UDP port 5353 along with multicasts to 254.0.0.251. Avahi responds to these packets, announcing itself as an mDNS-enabled host.

Any help is appreciated.

Regards,
Christian
