Sorry I sent the old interface config here's the correct one! Shorewall 4.2.10
and Shorewall -perl 4.2.10.3
-----------------Interfaces ----------------#ZONE INTERFACE BROADCAST OPTIONS
net eth5 detect routeback,tcpflags
loc eth3 detect
loc1 eth4 detect
________________________________
From: Tom Eastep <[email protected]>
To: Shorewall Users <[email protected]>
Sent: Monday, August 31, 2009 5:17:30 PM
Subject: Re: [Shorewall-users] LOC traffic shows up as NET traffic
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 08/31/2009 02:07 PM, Surge wrote:
> He's the short I have a Dns Server running on my firewall box, as you
> can see below I'm allowing all my clients on the local subnet to
> reach the $fw box to resolve the DNS but the firewall thinks it's NET
> traffic not LOC traffic. Any suggestions.
>
> Running Suse 11 with Shorewall 4.2 w/perl. Tried 4.4 and the same
> issue, HELP!!!!!
>
> ----------------Firewall Log ----------------
>
> Aug 31 16:51:24 fw22 kernel: Shorewall:net2fw:DROP:IN=eth5 OUT=
> MAC=00:0c:29:74:9c:0c:08:00:20:b2:5f:db:08:00 SRC=10.1.50.14
> DST=10.1.50.7 LEN=57 TOS=0x00 PREC=0x00 TTL=255 ID=32302 DF PROTO=UDP
> SPT=53289 DPT=53 LEN=37
That traffic is entering your firewall on eth5 which isn't even
mentioned in your interfaces file.
Do you have the local network bridged to an unused firewall interface?
- -Tom
- --
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: Using GnuPG with Fedora - http://enigmail.mozdev.org/
iEYEARECAAYFAkqcPeoACgkQO/MAbZfjDLIbwwCfcBXCWeBmhmc5brInXpIaQq1h
B2MAnRhyz3wmiVLPUg+Oa7Z5pMPHsdoE
=s4HK
-----END PGP SIGNATURE-----
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
------------------------------------------------------------------------------
Let Crystal Reports handle the reporting - Free Crystal Reports 2008 30-Day
trial. Simplify your report design, integration and deployment - and focus on
what you do best, core application coding. Discover what's new with
Crystal Reports now. http://p.sf.net/sfu/bobj-july
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
