On 6/28/20 2:58 PM, Vieri Di Paola wrote: > On Sun, Jun 28, 2020 at 1:28 AM Tom Eastep <teas...@shorewall.net> wrote: >> >> >> Can other hosts connect to this site out of the ppp interface? > > Now that you mention it, on the Shorewall system itself I'm seeing > something unexpected. > I should be able to access this or any other site through any of my > ppp links (there are three: ppp1 has IP addr. 1.1.1.1, ppp2 has > 2.2.2.2 and ppp3 has 3.3.3.3). > > However: > > # links -bind-address 1.1.1.1 http://4.4.4.4 -> FAILS (timeout) > # links -bind-address 2.2.2.2 http://4.4.4.4 -> FAILS (timeout) > # links -bind-address 3.3.3.3 http://4.4.4.4 -> connects and displays properly > > Any other web site other than 4.4.4.4 works fine on all 3 ppp links > from the Shorewall system itself. > > A tcpdump on each failing ppp link while trying to connect shows what > was observed in my previous post. > > Could this be simply that my ISP is failing to route this website > properly when connecting through ppp1 and ppp2?
That, or 4.4.4.4's replies are being misrouted or dropped. > > Restarting the failing ppp links or rebooting the modems does not > change anything. > > Would a Shorewall dump help somehow, or is it surely an ISP issue? When a proper SYN packet is sent but no SYN/ACK returned, the problem is not in the firewall. > > The following workaround solves my problem for the time being, but I'd > rather understand what's happening: > > MARK(3):P 0.0.0.0/0 4.4.4.4 > -Tom -- Tom Eastep \ Q: What do you get when you cross a mobster Shoreline, \ with an international standard? Washington, USA \ A: Someone who makes you an offer you http://shorewall.org \ can't understand \________________________________________
signature.asc
Description: OpenPGP digital signature
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
