Hi,

I have servers where shorewall6 won't reject or log:

# cat /etc/shorewall6/zones
fw  firewall
net ipv6

# cat /etc/shorewall6/interfaces
net eth1 tcpflags

(I also tried without "tcpflags", but no changes)

# cat /etc/shorewall6/policy
$FW all ACCEPT
all all REJECT info

# cat /etc/shorewall6/rules
SECTION NEW

(for testing, I removed all the rules)


I am testing from another location with telnet:

telnet <dns-name> 25

(telnet will first try the IPv6 address; after a timeout it will try the
IPv4 address; there shouldn't be any timeout, from rules and policy file,
it should be rejected immediately)

or

ping6 <dns-name>


Here's the output from "shorewall6 dump" (I removed the IP addresses):
https://www.dropbox.com/s/f7a9zox1wngmj1w/shorewall6.dump.txt

My shorewall6.conf:
https://www.dropbox.com/s/74thyaqzlzmdrii/shorewall6.conf


PS: When I change the first policy line to "$FW all ACCEPT info" I'll get
some fw2net logging (so logging itself seems to work).


-- 
Regards,
Igor
_______________________________________________
Shorewall-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/shorewall-users
