| Main Archive Page > Month Archives > shorewall-users archives |
Re: [Shorewall-users] one-to-one NAT stopped working with Shorewall 4.4
From: Tom Eastep <teastep_at_nospam>Date: Tue Apr 05 2011 - 18:33:46 GMT
To: Shorewall Users <shorewall-users@lists.sourceforge.net>
On 04/05/2011 11:06 AM, Chris Stone wrote:
>
>> Check to be sure that your WAN network and LAN network aren't bridged.
>
> They are not. We have:
.. Mangled ASCII Art Deleted ..
Then how do you explain these?
Apr 5 10:23:05 FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=208.69.72.26
DST=192.168.0.212 LEN=60 TOS=0x10 PREC=0x00 TTL=60 ID=22305 DF PROTO=TCP
SPT=55032 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Apr 5 10:23:07 FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=208.69.72.26
DST=192.168.0.212 LEN=60 TOS=0x10 PREC=0x00 TTL=60 ID=6031 DF PROTO=TCP
SPT=55042 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
Apr 5 10:23:08 FORWARD:REJECT:IN=eth1 OUT=eth1 SRC=208.69.72.26
DST=192.168.0.212 LEN=60 TOS=0x10 PREC=0x00 TTL=60 ID=35898 DF PROTO=TCP
SPT=55056 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
eth1 is 192.168.0.1/24 so how is traffic from 208.69.72.26 entering the
firewall on that interface???
-Tom
--
Tom Eastep \ When I die, I want to go like my Grandfather who
Shoreline, \ died peacefully in his sleep. Not screaming like
Washington, USA \ all of the passengers in his car
http://shorewall.net \________________________________________________
------------------------------------------------------------------------------
Xperia(TM) PLAY
It's a major breakthrough. An authentic gaming
smartphone on the nation's most reliable network.
And it wants your games.
http://p.sf.net/sfu/verizon-sfdev
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users