Trent O'Callaghan wrote: > > While performance has improved the gc_stale_time change could have > undesirable side effects so I would still like to find out if Shorewall can > improve the SNAT / ARP issue at the root of this? > Trent,
At cannot. To mangle ARP packets, you need to use the arptables utility which Shorewall does not currently provide support for. I'm actually a bit surprised that the Linux IP stack is behaving this way but then I've never seen a configuration quite like yours either. Sorry that I can't be of more help, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ The Planet: dedicated and managed hosting, cloud storage, colocation Stay online with enterprise data centers and the best network in the business Choose flexible plans and management services without long-term contracts Personal 24x7 support from experience hosting pros just a phone call away. http://p.sf.net/sfu/theplanet-com
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
