[Shorewall-users] all2all REJECT problem

ricardo at americasnet.com ricardo at americasnet.com
Mon Aug 4 08:57:09 PDT 2003


Thank you! I had it backwards, sorry!

On 04 Aug 2003 08:41:54 -0700 Tom Eastep wrote:

> On Mon, 2003-08-04 at 08:29, Ricardo Kleemann wrote:
> > Hello,
> >=20
> > I'm having trouble configuring shorewall. I'm running the latest
> shorewall
> > (1.4) that comes with Bering 1.2
> >=20
> > I've attached a file with the shorewall status output.
> >=20
> > I setup the rules file such that connections from net to fw are allow=
ed
> > for HTTP and also for rdate (tcp 37). I have these rules:
> >=20
> > ACCEPT  net     fw              tcp     80
> > ACCEPT  net     fw              tcp     37
> >=20
> > However, I'm getting connection refused errors when I try to access h=
ttp
> > from within the firewall, and also when I try to run rdate...
> >=20
> > And I get all2all REJECT messages in shorewall.log: (also note that t=
he
> > date on the log is all screwed up, since I haven't been able to sync =
the
> > date yet)
> >=20
> > Jun 14 04:20:56 firewall Shorewall:all2all:REJECT: IN=3D OUT=3Deth0
> > MAC=3Dff:ff:ff:ff:ff:ff:00:07:e9:c0:7c:5c:08:00  SRC=3D38.118.152.244
> > DST=3D128.46.136.95 LEN=3D60 TOS=3D00 PREC=3D0x00 TTL=3D64 ID=3D0 DF =
PROTO=3DTCP
> > SPT=3D3104 DPT=3D37 SEQ=3D459025160 ACK=3D0 WINDOW=3D5840 SYN URGP=3D=
0
> >=20
> > Jun 14 04:54:03 firewall Shorewall:all2all:REJECT: IN=3D OUT=3Deth0
> > MAC=3Dff:ff:ff:ff:ff:ff:00:07:e9:c0:7c:5c:08:00  SRC=3D38.118.152.244
> > DST=3D216.52.220.101 LEN=3D60 TOS=3D00 PREC=3D0x00 TTL=3D64 ID=3D264 =
DF PROTO=3DTCP
> > SPT=3D1185 DPT=3D80 SEQ=3D816070065 ACK=3D0 WINDOW=3D5840 SYN URGP=3D=
0
> >=20
> >=20
> > Thanks for any help!
>=20
> These appear to be fw->net requests -- the rules that you post above ar=
e
> net->fw.
>=20
> -Tom
> --=20
> Tom Eastep    \ Shorewall - iptables made easy
> Shoreline,     \ http://shorewall.net
> Washington USA  \ teastep at shorewall.net
>=20


More information about the Shorewall-users mailing list