On Aug 10, 2010, at 1:24 PM, Tom Eastep wrote:
> On 8/10/10 9:11 AM, Matt Stocum wrote:
>> As a shotgun until I figure this out, I've added the following to
>> rules:
>>
>> ACCEPT all all udp 137
>>
>
> If adding that rule fixes it, it sounds like your policies are blocking
> the traffic.

Sorry, I wasn't clear earlier; the rule was my attempt at a shotgun solution.
It didn't work.

I'm fairly sure at this point that iptables itself is not blocking the traffic,
as when I remove all references to SMB traffic (and tweak action.Drop/Reject to
enable logging of dropped SMB traffic) I do start getting dropped packets in
the logs. With my current setup I am not getting logs of dropped packets.

I think the problem ultimately is that no broadcast or multicast traffic is
traveling from bond0 (the public facing interface) to vlan10 (internal
traffic). The reverse is also true: broadcast traffic does not travel from
vlan10 to bond0. All traffic is making it to br0, however, which is the bridge
that bond0 and vlan10 are both joined to.

Is there any more information I can provide that might help?

Thanks,
-Matt
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users