Tom,

On Tue, Apr 5, 2011 at 10:58 AM, Tom Eastep <[email protected]> wrote:
> Check the REJECT messages and note the IN= interface. Is it the one you
> expect?

No, actually, that's showing the loc zone (eth1). I see some other
REJECTS for 192.168.0.x to 192.168.0.x addresses in the log too. So,
tried adding 'routeback' to the interfaces file for loc/eth1 and
did some testing and it does seem to have resolved it. I've not had to
add that option to the interfaces file for the loc zone before. Does
this make sense to you as to what the issue may have been?

Also seems very odd that it was working fine for a couple 3-4 months
and then stopped without any changes in the shorewall config. Would
expect it, if routeback missing was the problem, to not work from the
beginning....

Will see if this 'fix' persists I guess over the coming days....

> Check to be sure that your WAN network and LAN network aren't bridged.

They are not. We have:

                 LAN 192.168.0.x
                        |
                      eth1
                        |
               SHOREWALL FIREWALL
          --------------+--------------
        eth0                        eth2
          |                           |
          |                           |
     AxisInternet                  Comcast



Thanks!


Chris
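
Added example, not part of the original message or of Shorewall itself: a small log check that automates "note the IN= interface" by finding REJECT/DROP entries whose IN= and OUT= interface are the same, the traffic pattern the 'routeback' option governs. The sample lines are constructed and assume the standard netfilter LOG key=value fields with a `Shorewall:chain:verdict:` prefix.

```python
import re
from collections import Counter

# Constructed sample lines (assumption: netfilter LOG fields, Shorewall-style prefix).
SAMPLE_LOG = """\
Apr  5 11:02:13 fw kernel: Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=192.168.0.23 DST=192.168.0.40 LEN=60 PROTO=TCP SPT=51514 DPT=80
Apr  5 11:02:19 fw kernel: Shorewall:FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=192.168.0.23 DST=192.168.0.40 LEN=60 PROTO=TCP SPT=51515 DPT=80
Apr  5 11:03:01 fw kernel: Shorewall:net2fw:DROP:IN=eth0 OUT= SRC=203.0.113.9 DST=198.51.100.4 LEN=40 PROTO=TCP SPT=4431 DPT=23
Apr  5 11:03:44 fw kernel: Shorewall:loc2net:REJECT:IN=eth1 OUT=eth2 SRC=192.168.0.31 DST=203.0.113.77 LEN=60 PROTO=TCP SPT=40100 DPT=25
"""

# key=value fields of interest; OUT= may be empty for traffic addressed to the firewall.
FIELD = re.compile(r"\b(IN|OUT|SRC|DST|PROTO|DPT)=(\S*)")
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<verdict>[A-Z]+):")


def parse_line(line):
    """Return a dict of log fields plus chain/verdict, or None for unrelated lines."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = dict(FIELD.findall(line))
    rec.update(m.groupdict())
    return rec


def hairpin_rejects(log_text):
    """Count REJECT/DROP entries that entered and left on the same interface."""
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if not rec or rec["verdict"] not in ("REJECT", "DROP"):
            continue
        iface = rec.get("IN", "")
        # A non-empty IN= equal to OUT= means the packet was routed back out
        # the interface it arrived on.
        if iface and iface == rec.get("OUT"):
            hits[(iface, rec.get("SRC"), rec.get("DST"))] += 1
    return hits


if __name__ == "__main__":
    for (iface, src, dst), n in hairpin_rejects(SAMPLE_LOG).items():
        print(f"{n}x {src} -> {dst} in and out on {iface}: check 'routeback'")
```
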

_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
