On 03/13/2012 06:06 AM, I.S.C. William wrote:
> Hi ..
>
> I try this:
>
> a) shorewall reset
> b) try to connect to the site
>
> but not enter the site : https://www.cardiologia.org.mx/ and other
> site https
>
> Send my shorewall dump for check .. thank for support
>

There is an important point that you missed; when connections don't
work, you should look at the log to see if the firewall is blocking the
connection.
From the dump you sent:
Mar 13 06:54:55 loc2net:REJECT:IN=eth0 OUT=eth1 SRC=130.3.201.74
DST=157.56.52.23 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=18237 DF PROTO=TCP
SPT=2097 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0
So you don't have a rule that allows TCP 443 from the 'loc' zone to the
'net' zone.
You can correct this by adding this rule:
ACCEPT loc net tcp 443
I can't explain why this apparently worked when running 3.4.8; it should
not have.
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
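
Added example (not part of the message above and not Shorewall's own code): a Python sketch of the log check described in the reply, which extracts the zone pair, protocol and destination port from REJECT/DROP log lines and lists the rule each blocked flow would need. It assumes policy chains named <source>2<dest> as in the quoted log line; the function names are hypothetical and every sample line except the first is constructed.

```python
import re
from collections import Counter

# Log prefix as in the line quoted in the reply: "<chain>:<disposition>:"
# followed by the netfilter key=value fields.
LOG_RE = re.compile(r"(?P<chain>[\w-]+):(?P<disp>REJECT|DROP):(?P<fields>IN=.*)")

def parse_line(line):
    """Return a dict for a REJECT/DROP log line, or None if it is not one."""
    m = LOG_RE.search(line)
    if not m:
        return None
    # Flags such as DF or SYN carry no "=" and are skipped.
    fields = dict(kv.split("=", 1) for kv in m.group("fields").split() if "=" in kv)
    # Assumption: chain is "<source>2<dest>"; zone names containing "2" are ambiguous.
    src_zone, sep, dst_zone = m.group("chain").partition("2")
    if not sep or not dst_zone:
        return None
    return {"src_zone": src_zone, "dst_zone": dst_zone, "disp": m.group("disp"),
            "proto": fields.get("PROTO", "").lower(), "dport": fields.get("DPT"),
            "src": fields.get("SRC"), "dst": fields.get("DST")}

def suggest_rules(lines):
    """Count blocked (zones, proto, port) tuples; return (candidate rule, hits)."""
    hits = Counter()
    for line in lines:
        rec = parse_line(line)
        if rec and rec["proto"] in ("tcp", "udp") and rec["dport"]:
            hits[(rec["src_zone"], rec["dst_zone"], rec["proto"], rec["dport"])] += 1
    return [(f"ACCEPT {s} {d} {p} {port}", n) for (s, d, p, port), n in hits.most_common()]

SAMPLE = [
    # From the dump quoted in the reply (joined onto one line).
    "Mar 13 06:54:55 loc2net:REJECT:IN=eth0 OUT=eth1 SRC=130.3.201.74 "
    "DST=157.56.52.23 LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=18237 DF PROTO=TCP "
    "SPT=2097 DPT=443 WINDOW=16384 RES=0x00 SYN URGP=0",
    # Constructed lines (documentation addresses).
    "Mar 13 06:55:02 loc2net:REJECT:IN=eth0 OUT=eth1 SRC=192.0.2.10 "
    "DST=198.51.100.5 LEN=48 TTL=127 ID=1 DF PROTO=TCP SPT=2101 DPT=443 SYN URGP=0",
    "Mar 13 07:01:12 loc2net:REJECT:IN=eth0 OUT=eth1 SRC=192.0.2.10 "
    "DST=198.51.100.9 LEN=76 TTL=127 ID=2 PROTO=UDP SPT=123 DPT=123 LEN=56",
    "Mar 13 07:02:00 kernel: eth1: link up",
]

if __name__ == "__main__":
    for rule, count in suggest_rules(SAMPLE):
        print(f"{count:3d}  {rule}")
```

Each line of output is a candidate for the rules file to be reviewed against policy; a blocked flow is not by itself a reason to open the port.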
