On 31.01.2012 01:39, Michael Kress wrote: > On 30.01.2012 22:29, Michael Kress wrote: >> loc eth0 detect >> loc eth1 detect >> loc eth2 detect >> >> > > ok, I think I've found the configuration fault ... the requests > obviously came in over eth0 (I've told apache to also log the local > interface, but there was no request yet since then, but either that > trap or syslog (blacklisted packet) will tell). But I've made similar > tests and those were successful. In my case, connections that come > over eth0, come from outside on my home dsl router and then get > forwarded to eth0. The others are different vpn channels, and for > THOSE, the blacklists ARE active. > That should be it.
oops, sorry, and the ACTUAL solution is, to also blacklist the ethx devices, i.e. loc eth0 detect blacklist loc eth1 detect blacklist loc eth2 detect blacklist Regards Michael ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
