On 05/02/2013 08:23 AM, Ernesto Domato wrote: > On Thu, May 2, 2013 at 11:47 AM, Tom Eastep <[email protected]> wrote: >> Try setting ROUTE_FILTER=No in shorewall.conf and reboot. Does the >> Shorewall-generated configuration work now? >> > > YES, it does :-) > > So, can you briefly explain what happended? >
I noticed in the non-working dump that the rp_filter flag was set on
vnet0. While that should not matter, it was the only thing that I could
see that might affect the outcome.
You might try setting ROUTE_FILTER=Yes, and add these commands in
/etc/shorewall/start:
echo 0 > /proc/sys/net/ipv4/conf/vnet0/rp_filter
echo 0 > /proc/sys/net/ipv4/conf/vnet0/log_martians
Does that also solve the problem?
Thanks,
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Introducing AppDynamics Lite, a free troubleshooting tool for Java/.NET Get 100% visibility into your production application - at no cost. Code-level diagnostics for performance bottlenecks with <2% overhead Download for free and get started troubleshooting in minutes. http://p.sf.net/sfu/appdyn_d2d_ap1
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
