I wrote: > Presumably there's no problem blocking all PPPoE traffic from the loc zone ?
And looking at https://tools.ietf.org/html/rfc2516 it says : > The ETHER_TYPE is set to either 0x8863 (Discovery Stage) or 0x8864 (PPP > Session Stage). But how is the device spoofing the PPPoE LCP Terminate packets ? And more importantly, how are these non-routable packets getting through the firewall ? Thought ... You haven't linked eth0 and eth1 together on the same network are you ? ------------------------------------------------------------------------------ _______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users