On 1/5/2014 2:18 PM, Axel Zöllich wrote: > Am Sonntag, 5. Januar 2014, 13:58:45 schrieb Tom Eastep: >> On 1/5/2014 1:39 PM, Axel Zöllich wrote: >>>> Looks like you don't have the tunnel defined in /etc/shorewall/tunnels. >>> >>> The differance in the generated iptables is: >>> ACCEPT esp -- anywhere 212.117.77.202 >>> ACCEPT udp -- anywhere 212.117.77.202 udp >>> dpt:isakmp ctstate NEW >>> >>> ACCEPT esp -- 212.117.77.202 anywhere >>> ACCEPT udp -- 212.117.77.202 anywhere udp >>> dpt:isakmp ctstate NEW >>> >>> With this rules in "rules" I shouldn't need "tunnels" any, more should I? >>> >>> >>> But why did it work until refresh without this rules? >> >> I don't understand the question. > > If I'ld like to omit the "tunnels" file the above rules inserted to "rules" > will do exactly the same like "tunnels" does? >
I can't tell -- you don't indicate which chain(s) the rules are in and you didn't use the -n and -v options to iptables; without those options, the output of iptables -L is pretty useless. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Rapidly troubleshoot problems before they affect your business. Most IT organizations don't have a clear picture of how application performance affects their revenue. With AppDynamics, you get 100% visibility into your Java,.NET, & PHP application. Start your 15-day FREE TRIAL of AppDynamics Pro! http://pubads.g.doubleclick.net/gampad/clk?id=84349831&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
