Re: [Shorewall-users] Problem starting shorewall on Debian Sid

Tom Eastep Tue, 30 Jul 2019 10:22:54 -0700

On 7/29/19 10:20 AM, Mahashakti89 wrote:
> Hi,
> 
> I already tried the trick with the update-alternatives --config
> iptables command. Shorewall is indeed starting but I have no internet
> access.In /var/log/syslog  I find following errors :
> 
> loc-fw REJECT IN=eth1 OUT= MAC=78:24:af:47:80:12:2c:e4:12:dd:51:d4:08:00 
> SRC=94.124.134.53 DST=192.168.1.16 LEN=98 TOS=0x00 PREC=0x00 TTL=53 ID=16711 
> DF PROTO=TCP SPT=443 DPT=50430 WINDOW=531 RES=0x00 ACK FIN URGP=0 
> Jul 29 19:12:06 ishwara kernel: [  207.392482] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=94.124.134.53 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF 
> PROTO=TCP SPT=50430 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
> Jul 29 19:12:06 ishwara kernel: [  207.798926] loc-fw REJECT IN=eth1 OUT= 
> MAC=78:24:af:47:80:12:2c:e4:12:dd:51:d4:08:00 SRC=94.124.134.53 
> DST=192.168.1.16 LEN=98 TOS=0x00 PREC=0x00 TTL=53 ID=16712 DF PROTO=TCP 
> SPT=443 DPT=50430 WINDOW=531 RES=0x00 ACK FIN URGP=0 
> Jul 29 19:12:06 ishwara kernel: [  207.798938] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=94.124.134.53 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF 
> PROTO=TCP SPT=50430 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
> Jul 29 19:12:07 ishwara kernel: [  208.213091] loc-fw REJECT IN=eth1 OUT= 
> MAC=78:24:af:47:80:12:2c:e4:12:dd:51:d4:08:00 SRC=94.124.134.53 
> DST=192.168.1.16 LEN=98 TOS=0x00 PREC=0x00 TTL=53 ID=16713 DF PROTO=TCP 
> SPT=443 DPT=50430 WINDOW=531 RES=0x00 ACK FIN URGP=0 
> Jul 29 19:12:07 ishwara kernel: [  208.213135] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=94.124.134.53 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF 
> PROTO=TCP SPT=50430 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
> Jul 29 19:12:08 ishwara kernel: [  209.045584] loc-fw REJECT IN=eth1 OUT= 
> MAC=78:24:af:47:80:12:2c:e4:12:dd:51:d4:08:00 SRC=94.124.134.53 
> DST=192.168.1.16 LEN=98 TOS=0x00 PREC=0x00 TTL=53 ID=16714 DF PROTO=TCP 
> SPT=443 DPT=50430 WINDOW=531 RES=0x00 ACK FIN URGP=0 
> Jul 29 19:12:08 ishwara kernel: [  209.045629] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=94.124.134.53 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF 
> PROTO=TCP SPT=50430 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
> Jul 29 19:12:08 ishwara kernel: [  209.345187] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=192.168.1.1 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=56117 DF 
> PROTO=UDP SPT=58742 DPT=53 LEN=47 
> Jul 29 19:12:08 ishwara kernel: [  209.345319] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=192.168.1.1 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=56118 DF 
> PROTO=UDP SPT=43055 DPT=53 LEN=47 
> Jul 29 19:12:08 ishwara kernel: [  209.345477] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=192.168.1.1 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=56119 DF 
> PROTO=UDP SPT=49654 DPT=53 LEN=52 
> Jul 29 19:12:08 ishwara kernel: [  209.345616] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=192.168.1.1 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=56120 DF 
> PROTO=UDP SPT=59124 DPT=53 LEN=52 
> Jul 29 19:12:08 ishwara kernel: [  209.346288] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=192.168.1.1 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=56121 DF 
> PROTO=UDP SPT=44769 DPT=53 LEN=47 
> Jul 29 19:12:08 ishwara kernel: [  209.346466] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=192.168.1.1 LEN=67 TOS=0x00 PREC=0x00 TTL=64 ID=56122 DF 
> PROTO=UDP SPT=50842 DPT=53 LEN=47 
> Jul 29 19:12:08 ishwara kernel: [  209.346598] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=192.168.1.1 LEN=72 TOS=0x00 PREC=0x00 TTL=64 ID=56123 DF 
> PROTO=UDP SPT=33377 DPT=53 LEN=52 
> Jul 29 19:12:09 ishwara kernel: [  210.673458] loc-fw REJECT IN=eth1 OUT= 
> MAC=78:24:af:47:80:12:2c:e4:12:dd:51:d4:08:00 SRC=94.124.134.53 
> DST=192.168.1.16 LEN=98 TOS=0x00 PREC=0x00 TTL=53 ID=16715 DF PROTO=TCP 
> SPT=443 DPT=50430 WINDOW=531 RES=0x00 ACK FIN URGP=0 
> Jul 29 19:12:09 ishwara kernel: [  210.673502] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=94.124.134.53 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF 
> PROTO=TCP SPT=50430 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
> Jul 29 19:12:13 ishwara kernel: [  214.065616] loc-fw REJECT IN=eth1 OUT= 
> MAC=78:24:af:47:80:12:2c:e4:12:dd:51:d4:08:00 SRC=94.124.134.53 
> DST=192.168.1.16 LEN=98 TOS=0x00 PREC=0x00 TTL=53 ID=16716 DF PROTO=TCP 
> SPT=443 DPT=50430 WINDOW=531 RES=0x00 ACK FIN URGP=0 
> Jul 29 19:12:13 ishwara kernel: [  214.065661] fw-loc REJECT IN= OUT=eth1 
> SRC=192.168.1.16 DST=94.124.134.53 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF 
> PROTO=TCP SPT=50430 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 
> 
> I will send you privately the tarball of /etc/shorewall.


Please send me the output of 'shorewall dump' taken while the above is
happening.

Thanks!
-Tom
-- 
Tom Eastep        \   Q: What do you get when you cross a mobster with
Shoreline,         \     an international standard?
Washington, USA     \ A: Someone who makes you an offer you can't
http://shorewall.org \   understand
                      \_______________________________________________

signature.asc
Description: OpenPGP digital signature

_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users

Re: [Shorewall-users] Problem starting shorewall on Debian Sid

Reply via email to