On 5/11/2019 3:19 PM, Tom Eastep wrote:

The cause of your problem is this wildly wrong route you have in your
main table:

108.0.0.0/8 dev enp9s0f0 proto kernel scope link src 108.170.3.58

With that route, your system believes that all IPv4 addresses whose
first byte contains 108 are on the same LAN as enp9s0f0. So attempting to
connect from any host in that network (except your upstream router) will
fail. That route should be:

108.170.DDD.58/8 dev enp9s0f0 proto kernel scope link src 108.170.DDD.58

-Tom
-- 
Tom Eastep           \ Q: What do you get when you cross a mobster with
Shoreline,           \    an international standard?
Washington, USA      \ A: Someone who makes you an offer you can't
http://shorewall.org \    understand
                      \_______________________________________________

You are so right! I am not even sure how that got in there - just deleting the route fixes this scenario. When I reboot the machine, it gets in there somehow. Grepping /etc for the address does not yield anything. After deleting it, issuing a "shorewall restart" does not add it back - so it's probably not shorewall adding it... unless "shorewall start" adds routes that "shorewall restart" does not.

It's hard to believe that during my troubleshooting I missed that route - got hung up on ARP being the culprit (never even checked the routing tables) - I guess this is what you get when a non-networking guy tries to fix networking.

I am SUPER grateful for your expertise and help.

Thanks a bunch!

Michael




_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
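
A check for the misconfiguration diagnosed in this thread, added here as an example (not code from either poster or from the Shorewall project): it reads `ip -4 route show` output and flags kernel-installed on-link routes whose prefix is shorter than a threshold. The function names, the default threshold of /16 and the sample routes other than the 108.0.0.0/8 line are assumptions.

```shell
#!/bin/sh
# Flag connected ("proto kernel scope link") IPv4 routes with a suspiciously
# short prefix, like the 108.0.0.0/8 route quoted in this thread.
# Input: `ip -4 route show` output on stdin.
# $1: shortest prefix length accepted as a plausible LAN (assumed default: 16).
# Exit status: 1 if at least one route was flagged, 0 otherwise.
flag_broad_onlink() {
    min_len="${1:-16}"
    awk -v min="$min_len" '
    # Only routes the kernel derived from an interface address are checked.
    $1 ~ /^[0-9.]+\/[0-9]+$/ && /proto kernel/ && /scope link/ {
        split($1, p, "/")
        len = p[2] + 0
        dev = ""; src = ""
        for (i = 2; i < NF; i++) {
            if ($i == "dev") dev = $(i + 1)
            if ($i == "src") src = $(i + 1)
        }
        if (len < min) {
            # on-link-hosts: how many addresses the host will ARP for directly
            printf "%s dev=%s src=%s on-link-hosts=%.0f\n", $1, dev, src, 2 ^ (32 - len)
            bad = 1
        }
    }
    END { exit (bad ? 1 : 0) }
    '
}

# Constructed sample input: the route from the thread plus two made-up routes
# (the default gateway and the eth1 LAN are illustrative values only).
sample_routes() {
    cat <<'EOF'
default via 198.51.100.1 dev enp9s0f0
108.0.0.0/8 dev enp9s0f0 proto kernel scope link src 108.170.3.58
192.168.1.0/24 dev eth1 proto kernel scope link src 192.168.1.1
EOF
}

# On a live host: ip -4 route show | flag_broad_onlink 16
sample_routes | flag_broad_onlink 16 || echo "broad on-link route(s) found" >&2
```

Because `proto kernel` routes are installed by the kernel from the prefix length of the interface's address, a flagged route points at the address configuration (`ip -4 addr show dev <interface>`) rather than at a static route entry.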
