On Thu, May 11, 2017 at 11:06:40PM -0500, Will Lowe wrote:
> Can someone help me understand this particular log message? It is from a
> Ricoh Printer on my main net to a computer on an adjacent net which is
> also under my control. Neither the printer nor this computer should be
> communicating with each other for any reason. The computer is not manned by
> anyone. I've checked with Ricoh and they cannot explain it. And, secondly,
> why would Shorewall react to anything not meant to go through it?
>
> Shorewall:FORWARD:REJECT:IN=enp5s2 OUT=enp5s2
> MAC=00:0e:04:24:45:85:00:26:73:9b:d1:c9:08:00 SRC=192.168.1.222
> DST=192.168.3.25 LEN=109 TOS=0x00 PREC=0x00 TTL=63 ID=39208 PROTO=UDP
> SPT=161 DPT=61532 LEN=89

I am not sure why your printer is trying to communicate in this manner.

Shorewall's behavior is a result of the source and destination addresses being accessible through the same interface and that you probably have not set the routeback option on the interface (enp5s2 in this case). By default Shorewall will not send packets out the same interface which they entered.

Regards,

-Roberto

--
Roberto C. Sánchez
http://people.connexer.com/~roberto
http://www.connexer.com
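
As an added example (not part of the original thread and not Shorewall code), the following Python parses log lines of the kind quoted above and counts FORWARD hits where IN and OUT are the same interface, which is the condition described in the reply. The function names and the second sample line are constructed for illustration.

```python
import re
from collections import Counter

# Log line from the post above (netfilter LOG output with Shorewall's prefix).
POSTED = (
    "Shorewall:FORWARD:REJECT:IN=enp5s2 OUT=enp5s2 "
    "MAC=00:0e:04:24:45:85:00:26:73:9b:d1:c9:08:00 SRC=192.168.1.222 "
    "DST=192.168.3.25 LEN=109 TOS=0x00 PREC=0x00 TTL=63 ID=39208 PROTO=UDP "
    "SPT=161 DPT=61532 LEN=89"
)
# Constructed contrast line: forwarded between two different interfaces.
CONSTRUCTED = ("Shorewall:FORWARD:REJECT:IN=eth0 OUT=eth1 SRC=10.0.0.5 "
               "DST=10.0.1.9 PROTO=TCP SPT=40000 DPT=22")

PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<verdict>[^:\s]+):")
FIELD = re.compile(r"\b([A-Z]+)=(\S*)")

def parse(line):
    """Return a dict with chain, verdict and the KEY=value fields, or None."""
    m = PREFIX.search(line)
    if m is None:
        return None
    rec = {"chain": m["chain"], "verdict": m["verdict"]}
    for key, value in FIELD.findall(line[m.end():]):
        rec.setdefault(key, value)  # keep the first LEN (IP length), not the UDP LEN
    mac = rec.get("MAC", "").split(":")
    if len(mac) == 14:  # Ethernet header: 6-byte dst MAC, 6-byte src MAC, EtherType
        rec["dst_mac"] = ":".join(mac[:6])
        rec["src_mac"] = ":".join(mac[6:12])
        rec["ethertype"] = "0x" + "".join(mac[12:])
    return rec

def is_hairpin(rec):
    """True when a forwarded packet would leave via the interface it entered."""
    return (rec is not None and rec["chain"] == "FORWARD"
            and bool(rec.get("IN")) and rec["IN"] == rec.get("OUT"))

def hairpin_flows(lines):
    """Count same-interface FORWARD hits per (IN, SRC, DST, PROTO, SPT)."""
    counts = Counter()
    for line in lines:
        rec = parse(line)
        if is_hairpin(rec):
            counts[(rec["IN"], rec.get("SRC"), rec.get("DST"),
                    rec.get("PROTO"), rec.get("SPT"))] += 1
    return counts
```

Grouping by source address and source port shows which host on the shared interface is sending the traffic; UDP port 161, the SPT in the posted line, is the registered SNMP port.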