On 7/30/2014 5:16 AM, Georg Bixa wrote: > Hello! I am using shorewall for some years now, but i ran into trouble > with the following multi VLAN setup: > > The network had two VLANs (vlan21 and vlan22) which are masqueraded by > the firewall to a public subnet. vlan22 was running fine, but pakets on > vlan21 did not get an answer. > I setup another vlan (vlan23) to test so parameters, but that shut > vlan22 down. Now vlan23 is working but vlan21 and vlan22 are not. > > I did some tcpdump and found out that the packets are correctly > masqueraded and sent out but the response is not forwarded with the > following errors: > > Jul 30 12:26:33 viegw kernel: [99036.969653] > Shorewall:FORWARD:REJECT:IN=ppp0 OUT=vlan21 MAC= SRC=85.25. > 182.38 DST=192.168.21.2 LEN=84 TOS=0x00 PREC=0x00 TTL=49 ID=31228 > PROTO=ICMP TYPE=0 CODE=0 ID=2970 SEQ=55 > > Jul 30 12:26:34 viegw kernel: [99037.160452] > Shorewall:FORWARD:REJECT:IN=ppp0 OUT=vlan22 MAC= SRC=85.25. > 182.36 DST=192.168.22.2 LEN=84 TOS=0x00 PREC=0x00 TTL=50 ID=36303 > PROTO=ICMP TYPE=0 CODE=0 ID=2964 SEQ=59 > > I have checked routing and config files but did not come up with a > solution for days. > Any help would be much appreciated! > (i have attached a shorewall dump.)
What is the net->ene policy? It looks like NONE. -Tom ------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
