On 3/26/2014 8:19 AM, Hervé Werner wrote: > Hello. > > As soon as I add the rpfilter option to my single interface, any > outgoing traffic is blocked. > > Here is my interface file : > net eth0 > dhcp,tcpflags,logmartians,nosmurfs,sourceroute=0,rpfilter > > When taking a look at the logs, I notice packets have been blocked by > the net-fw rule : > > Mar 26 15:46:44 MyPC net-fw:DROP IN=eth0 OUT= MAC=XXXXX > SRC=173.194.40.159 DST=192.168.1.166 LEN=84 TOS=00 PREC=0x00 TTL=54 > ID=35571 PROTO=ICMP TYPE=0 CODE=0 ID=30205 SEQ=16 MARK=0 > > This message has been triggered by pinging google.fr. > > Note that it works properly when using rp_filter. > > Please find attached my configuration files. > > Version information : 4.5.21.7 >
Please forward the output of 'shorewall dump' when this problem is occurring. I'm unable to reproduce it here on a Fedora installation that supports rpfilter. Thanks, -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Learn Graph Databases - Download FREE O'Reilly Book "Graph Databases" is the definitive new guide to graph databases and their applications. Written by three acclaimed leaders in the field, this first edition is now available. Download your free book today! http://p.sf.net/sfu/13534_NeoTech
_______________________________________________ Shorewall-users mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/shorewall-users
