On 01/22/2016 04:07 AM, Vieri Di Paola wrote: > Hi, > > The following fails (performed from Shorewall firewall host with IP > addr. 10.215.144.91): > > # telnet 10.252.194.207 25 > > I can see the following while trying to connect to the remote host in > the CAIB zone: > > # tcpdump -n -i enp2s0f0 host 10.252.194.207 > 12:55:50.044861 IP 172.20.11.62.39027 > 10.252.194.207.25: Flags [S], > seq 3930079856, win 29200, options [mss 1460,sackOK,TS val 79493620 ecr > 0,nop,wscale 7], length 0 > > I would like to see 10.215.144.91 instead of 172.20.11.62. > > What can I try? >
Why, if you are routing this traffic out of enp2s0f0 do you with to use the source IP address of enp0s8? Asymmetric routing? At any rate, in /etc/shorewall/masq: enp2s0f0:10.252.194.207 172.20.11.62 10.215.144.91 tcp 25 -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Site24x7 APM Insight: Get Deep Visibility into Application Performance APM + Mobile APM + RUM: Monitor 3 App instances at just $35/Month Monitor end-to-end web transactions and take corrective actions now Troubleshoot faster and improve end-user experience. Signup Now! http://pubads.g.doubleclick.net/gampad/clk?id=267308311&iu=/4140
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
