[Shorewall-users] Policy Rules not working as expected (fwd)

Tom Eastep teastep@shorewall.net
Thu, 25 Apr 2002 19:09:16 -0700 (Pacific Daylight Time)


On Thu, 25 Apr 2002, Jerry Vonau wrote:

>
> I was referring to the syntax of the port range, not the
> ports involved.
> Which is correct 137:139 137,139 or both?
>

Both -- "137:139" is a range including 138. "137,139" is a list that
doesn't include 138.
> > the head of the 'net2fw' chain is not passing the packets as it normally
> > would.
>
> That is a little weird, problems with ip_conntrack? That is
> not very reassuring.
> Just curious, what kernel version is this puppy running?

Drake 8.2 (2.4.18-xxxmdk).

>
> Going on the assumption that there is a hub/switch between
> the 2 computers
> and the adsl modem, could you not use MAC addresses to
> filter on?

On input, yes.

-Tom
--
Tom Eastep    \ Shorewall - iptables made easy
AIM: tmeastep  \ http://www.shorewall.net
ICQ: #60745924  \ teastep@shorewall.net