Mikael Kermorgant wrote: > > > On Thu, Jun 18, 2009 at 7:10 PM, Mikael Kermorgant > <[email protected] <mailto:[email protected]>> wrote: > > > > Would anyone have an idea about why this happens ? Is this something > inherent to bridges I have not understood ? Or should I better look at > the switches ? > > > > I just found this in the FAQ which seems to apply to my problem : > > INPUT or FORWARD > > The packet has a source IP address that isn't in any of your defined > zones (“*shorewall[-lite] show zones*” and look at the printed zone > definitions) or the chain is FORWARD and the destination IP isn't in > any of your defined zones. If the chain is FORWARD and the IN and > OUT interfaces are the same, then you probably need > the *routeback* option on that interface > in |/etc/shorewall/interfaces > <manpages/shorewall-interfaces.html> |, you need > the *routeback* option in the relevant entry > in |/etc/shorewall/hosts <manpages/shorewall-hosts.html> or you've > done something silly like define a default route out of an internal > interface.| > > In Shorewall 3.3.3 and later versions with OPTIMIZE=1 > in shorewall.conf <manpages/shorewall.conf.html>, such packets may > also be logged out of a <zone>2all chain or the all2all chain. > > > I'll test that monday, but I still fail to understand how an udp stream > with a host ip destination can reach my machine with shorewall in a > switched environment.
Where can we read your original post? It apparently was not sent to this list. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Crystal Reports - New Free Runtime and 30 Day Trial Check out the new simplified licensing option that enables unlimited royalty-free distribution of the report engine for externally facing server and web deployment. http://p.sf.net/sfu/businessobjects
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
