On Mon, Sep 7, 2015 at 7:51 PM, Tom Eastep <[email protected]> wrote:
> "interfaces" file: > > net eth0 nets=(!10.1.1.0/24 <http://10.1.1.0/24>),nosmurfs,rpfilter > > vdmz vbr nets=(10.1.1.0/24 <http://10.1.1.0/24>),nosmurfs,rpfilter > [...] > > Thanks for any clue on this matter. > > Have you looked at Shorewall FAQ 17? Looks like you don't have the > 'routeback' option on the vbr interface (although Shorewall should be > detecting that it is a bridge unless brctl isn't installed). > > brctl if of course installed. I tried to add 'routeback' to the vbr line in the "interfaces" file and restarted Shorewall but nothing improved. I even stopped and restarted the PROXY LXC container but the result is still the same. curl -I 'http://website.tld' or elinks 'http://website.tld' or nc website.tld 80 all get out correctly and also produce 5 hits on the logs. 5 because I have 5 other veth interfaces connected to the vbr bridge, each corresponding to another LXC container. -- ObNox
------------------------------------------------------------------------------
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
