-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 On 05/25/2017 03:32 PM, Vieri Di Paola wrote: > > > ________________________________ From: Tom Eastep > <[email protected]> >> >>> Failing to connect from host in 'loc' zone with IP addr. >>> 10.215.145.8 to http://www.shorewall.net. Nothing in Squid >>> access.log. >> >> >> Please set LOGFILE correctly and reproduce the problem -- there >> are no log entries listed in this dump, yet there have been >> packets dropped since the counters were reset. > > > I'm now attaching the new shorewall dump but I can't seem to find > anything regarding these SRC and DST IP addresses. > > Also note that I ran this in another terminal: > > # tcpdump -n -i enp11s0 host 10.216.145.8 or host 63.135.54.24 > dropped privs to tcpdump tcpdump: verbose output suppressed, use -v > or -vv for full protocol decode listening on enp11s0, link-type > EN10MB (Ethernet), capture size 262144 bytes 00:20:09.648108 IP > 10.215.145.8.1940 > 63.135.54.24.80: Flags [S], seq 2538587431, win > 64240, options [mss 1460,nop,nop,sackOK], length 0 00:20:09.668130 > IP 10.215.145.8.1942 > 63.135.54.24.80: Flags [S], seq 246017419, > win 64240, options [mss 1460,nop,nop,sackOK], length 0 > 00:20:09.753430 IP 10.215.145.8.1943 > 63.135.54.24.80: Flags [S], > seq 220944161, win 64240, options [mss 1460,nop,nop,sackOK], length > 0 00:20:12.540544 IP 10.215.145.8.1940 > 63.135.54.24.80: Flags > [S], seq 2538587431, win 64240, options [mss 1460,nop,nop,sackOK], > length 0 00:20:12.540597 IP 10.215.145.8.1942 > 63.135.54.24.80: > Flags [S], seq 246017419, win 64240, options [mss > 1460,nop,nop,sackOK], length 0 00:20:12.649779 IP 10.215.145.8.1943 > > 63.135.54.24.80: Flags [S], seq 220944161, win 64240, options > [mss 1460,nop,nop,sackOK], length 0 00:20:18.556050 IP > 10.215.145.8.1940 > 63.135.54.24.80: Flags [S], seq 2538587431, win > 64240, options [mss 1460,nop,nop,sackOK], length 0 00:20:18.557059 > IP 10.215.145.8.1942 > 63.135.54.24.80: Flags [S], seq 246017419, > win 64240, options [mss 1460,nop,nop,sackOK], length 0 > 00:20:18.665475 IP 10.215.145.8.1943 > 63.135.54.24.80: Flags [S], > seq 220944161, win 64240, options [mss 1460,nop,nop,sackOK], length > 0 00:20:30.607604 IP 10.215.145.8.1957 > 63.135.54.24.80: Flags > [S], seq 2395699003, win 64240, options [mss 1460,nop,nop,sackOK], > length 0 00:20:30.607822 IP 10.215.145.8.1958 > 63.135.54.24.80: > Flags [S], seq 1090195958, win 64240, options [mss > 1460,nop,nop,sackOK], length 0 00:20:30.712769 IP 10.215.145.8.1959 > > 63.135.54.24.80: Flags [S], seq 4187670571, win 64240, options > [mss 1460,nop,nop,sackOK], length 0 00:20:33.540494 IP > 10.215.145.8.1957 > 63.135.54.24.80: Flags [S], seq 2395699003, win > 64240, options [mss 1460,nop,nop,sackOK], length 0 00:20:33.541119 > IP 10.215.145.8.1958 > 63.135.54.24.80: Flags [S], seq 1090195958, > win 64240, options [mss 1460,nop,nop,sackOK], length 0 > 00:20:33.649864 IP 10.215.145.8.1959 > 63.135.54.24.80: Flags [S], > seq 4187670571, win 64240, options [mss 1460,nop,nop,sackOK], > length 0 >
Looks like you are redirecting port 80 to port 62001, but no process is listening on that port. - -Tom - -- Tom Eastep \ Q: What do you get when you cross a mobster with Shoreline, \ an international standard? Washington, USA \ A: Someone who makes you an offer you can't http://shorewall.org \ understand \_______________________________________________ -----BEGIN PGP SIGNATURE----- Version: GnuPG v2 Comment: GPGTools - http://gpgtools.org iQIcBAEBCAAGBQJZJ5MkAAoJEJbms/JCOk0QHEgP/23SBdvL1KgXKYPu9Js3Il/T bUxhiXVWepbg/jeRewpNZKyh2d7NgvSiuSHNjFraDQl/oTg8nWyYKCHEiEdge/Tt sEXeox/tyhcxw4WgOPQj0Q9nD9Fs2K+APODByEGzFkUzJ6TYGOnv8+qrAXOp7ap0 S70Y8bFUW/SVe18YL/JgyTyBl3NSvYSyo058W0l3JYtz6doAHCRJ033JfMseM7Kf PY+CE3JAFm/1H74CoDHHqwvuTohms3l2DR1CCG7Uu+pi6vUv+JYaEIKriKZUeoAe hNb+aNzsMgzRIFA4Rsg8E+yKmwjUJPXQr9jFFG2i/K5iLbhsrVdTEUj5LhOAHs7I mpJ1AoKuBd/a3B1L3ahD9Iove+KDeLm19Ifa1M/WUvXO6LoLFk5CJYhTETF9BQDC S/4v7LGqmkUJA3Rtt3VR/Lzkjnys/8MO+FvotjJvNAG5pW0KjRM3zXyG/Wk5KrrI rQkKzy7S36J6GKRHsjpp33fiyMhdyibCYBV4e8FJJUSWnx/M2/u6HTR8AxypbOmb W0v0z9O0xjmwkhXZOHZsx9k6cnB/Gm3pIvLJzIXK+S1x/yuBITbNjYQgPqwz+UaO bssdtXQnpRum58SbmjJ93x1dcLGWXE2moPM2snN7HWkLoql0LHdnev11fpBuJzyZ PizsI/oFilNSQhbSW3Oq =HISe -----END PGP SIGNATURE----- ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, Slashdot.org! http://sdm.link/slashdot _______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
