On 04/27/2013 04:50 PM, Tarqi Kazan wrote: > Hi List, > > I recently got an Android Gadget to play with and put an DLNA-Server on my > Shorewall Box. > > The following entries in the "rules" file will make it work instantly, if I > use "tcpdump" to check the traffic. This is the case because the interface > will be in promiscuous mode, I believe, when "tcpdump" is be stopped, it is > not working anymore. > > SECTION NEW > ACCEPT lan $FW udp 1900 > ACCEPT $FW lan udp - 1900 > ACCEPT lan $FW tcp 8200 > > I tried "allowinUPnP lan $FW" and vice versa, also "allowBcast", still no > luck. > Also "MULTICAST=Yes" in shorewall.conf has no effect, nor setting a route > like this: > > ip route add 224.0.0.0/4 dev br0 (interface "lan" is a bridge). > > What I am missing?
Temporarily set the lan->fw and fw->lan policy default action to 'None': /etc/shorewall/policy: #SOURCE DEST POLICY LOG LIMIT: CONNLIMIT: # LEVEL BURST MASK lan fw REJECT:None info fw lan REJECT:None info Now try to connect; the Netfilter log will show you what is being rejected or dropped. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Try New Relic Now & We'll Send You this Cool Shirt New Relic is the only SaaS-based application performance monitoring service that delivers powerful full stack analytics. Optimize and monitor your browser, app, & servers with just a few lines of code. Try New Relic and get this awesome Nerd Life shirt! http://p.sf.net/sfu/newrelic_d2d_apr
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
