On 30.01.2012 22:29, Michael Kress wrote: > I have for sure equipped all external interfaces with the blacklist option: > net ppp0 - blacklist > net ppp1 - blacklist > net ippp1 - blacklist > net ippp0 - blacklist > net tun1 - blacklist > net tun2 - blacklist > vpn tun3 - blacklist > loc eth0 detect > loc eth1 detect > loc eth2 detect > >
ok, I think I've found the configuration fault ... the requests obviously came in over eth0 (I've told apache to also log the local interface, but there was no request yet since then, but either that trap or syslog (blacklisted packet) will tell). But I've made similar tests and those were successful. In my case, connections that come over eth0, come from outside on my home dsl router and then get forwarded to eth0. The others are different vpn channels, and for THOSE, the blacklists ARE active. That should be it. Thanks & regards Michael ------------------------------------------------------------------------------ Keep Your Developer Skills Current with LearnDevNow! The most comprehensive online learning library for Microsoft developers is just $99.99! Visual Studio, SharePoint, SQL - plus HTML5, CSS3, MVC3, Metro Style Apps, more. Free future releases when you subscribe now! http://p.sf.net/sfu/learndevnow-d2d _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
