On 8/6/2014 11:51 AM, merc1...@f-m.fm wrote: > On Wed, Aug 6, 2014, at 10:54, Tom Eastep wrote: > >> It is interesting that the SOURCE IP address is an RFC-1918 address; is >> that the IP address of a local interface? If so, what is that interface >> used for? How is it defined to Shorewall? > > Yes the source IP is on my workstation's only operating interface. It > communicates with other machines in the LAN through the router, as well > as the internet through the router's WAN port.
I'm still unclear about the topology. Is Shorewall installed on the "workstation". Is the Shorewall box the "router" or do you have another on-premises router? The Shorewall system seems to have both an ethernet interface and a wireless interface - what are they each connected to? > > Interfaces: > - lo ignore > net all physical=+,routeback,optional > > Policy: > $FW all REJECT info(uid) > net all DROP info(uid) > local all REJECT info(uid) > all all REJECT info(uid) > > Stoppedrules: > #ACCEPT wlan0 - > #ACCEPT - wlan0 > #ACCEPT eth0 - > #ACCEPT - eth0 > > Zones: > fw firewall > net ipv4 > local ipv4 > > As I've just reconfigured Shorewall to the new methods, these are my > only config files, besides shorewall.conf and rules. I don't see a definition of the 'local' zone. -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________
signature.asc
Description: OpenPGP digital signature
------------------------------------------------------------------------------ Infragistics Professional Build stunning WinForms apps today! Reboot your WinForms applications with our WinForms controls. Build a bridge from your legacy apps to the future. http://pubads.g.doubleclick.net/gampad/clk?id=153845071&iu=/4140/ostg.clktrk
_______________________________________________ Shorewall-users mailing list Shorewall-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/shorewall-users
