On 12/15/20 1:04 AM, Vieri Di Paola wrote:
> I don't know if this can help, but the SOC VM admin is claiming that
> only ARP traffic is seen there when there should also be plenty of
> TCP/UDP traffic.
>
> So I've increased shorewall logging and noticed that some packets are
> being rejected. The SOC VM is a ssh and http server, but I cannot
> access these ports from $FW.
>
> kernel: Shorewall:OUTPUT:ACCEPT:IN= OUT=soc.50 SRC=192.168.245.1
> DST=192.168.245.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=56827 DF
> PROTO=TCP SPT=36702 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0
> kernel: Shorewall:INPUT:REJECT:IN=soc.50 OUT=
> MAC=ac:1f:6b:f5:b7:1a:00:50:56:92:76:e5:08:00 SRC=192.168.245.2
> DST=192.168.245.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP
> SPT=22 DPT=36702 WINDOW=14480 RES=0x00 ACK SYN URGP=0
>
> Here's the SW dump while trying to connect via ssh and http from
> 192.168.245.1 (FW) to 192.168.245.2 (soc50):
>
> https://drive.google.com/file/d/1qCtaE9VNG_qzD-_uZltWZjwun4_I61vf/view?usp=sharing
>
> What am I missing?
>
You haven't defined soc.50 to Shorewall, so it is rejecting all IPv4
traffic to/from that interface.

-Tom
--
Tom Eastep        \ Q: What do you get when you cross a mobster
Shoreline,         \    with an international standard?
Washington, USA     \ A: Someone who makes you an offer you
http://shorewall.org \   can't understand
                      \________________________________________
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
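
An added example (not part of the original thread and not Shorewall code): a Python script that pairs an accepted outbound SYN with a rejected SYN/ACK reply on the same interface, which is the symptom visible in the two quoted log lines. The names `parse_line` and `rejected_replies` are hypothetical; the sample input is the two log lines from the quoted message with the wrapped lines rejoined.

```python
import re

# The two log lines from the quoted message, with e-mail line wraps rejoined.
SAMPLE_LOG = """\
kernel: Shorewall:OUTPUT:ACCEPT:IN= OUT=soc.50 SRC=192.168.245.1 DST=192.168.245.2 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=56827 DF PROTO=TCP SPT=36702 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0
kernel: Shorewall:INPUT:REJECT:IN=soc.50 OUT= MAC=ac:1f:6b:f5:b7:1a:00:50:56:92:76:e5:08:00 SRC=192.168.245.2 DST=192.168.245.1 LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=36702 WINDOW=14480 RES=0x00 ACK SYN URGP=0
"""

# Log prefix layout as it appears above: Shorewall:<chain>:<verdict>:<fields>
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<verdict>[A-Z]+):(?P<rest>.*)")


def parse_line(line):
    """Parse one Shorewall kernel log line into a dict; None if it is not one."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"chain": m["chain"], "verdict": m["verdict"], "flags": set()}
    for tok in m["rest"].split():
        if "=" in tok:
            key, _, val = tok.partition("=")
            rec[key] = val              # IN=, OUT=, SRC=, SPT=, ...
        else:
            rec["flags"].add(tok)       # bare tokens: DF, SYN, ACK, ...
    return rec


def rejected_replies(log_text):
    """Find accepted outbound SYNs whose SYN/ACK was rejected on the same interface.

    Returns a list of (interface, local_ip, local_port, remote_ip, remote_port).
    """
    pending = {}    # (local ip, local port, remote ip, remote port) -> OUT interface
    findings = []
    for line in log_text.splitlines():
        r = parse_line(line)
        if not r or r.get("PROTO") != "TCP":
            continue
        syn, ack = "SYN" in r["flags"], "ACK" in r["flags"]
        if r["verdict"] == "ACCEPT" and r.get("OUT") and syn and not ack:
            pending[(r["SRC"], r["SPT"], r["DST"], r["DPT"])] = r["OUT"]
        elif r["verdict"] in ("REJECT", "DROP") and r.get("IN") and syn and ack:
            key = (r["DST"], r["DPT"], r["SRC"], r["SPT"])   # mirror the 4-tuple
            if pending.get(key) == r["IN"]:
                findings.append((r["IN"],) + key)
    return findings


if __name__ == "__main__":
    for f in rejected_replies(SAMPLE_LOG):
        print("reply rejected on %s for %s:%s -> %s:%s" % f)
```
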