Hi
thanks for your answer,
i use: Shorewall 5.0.14
Checking using Shorewall 5.0.14.1...
Processing /etc/shorewall/params ...
Processing /etc/shorewall/shorewall.conf...
Loading Modules...
Checking /etc/shorewall/zones...
Checking /etc/shorewall/interfaces...
Determining Hosts in Zones...
Locating Action Files...
Checking /etc/shorewall/policy...
Running /etc/shorewall/initdone...
Checking TCP Flags filtering...
Checking Kernel Route Filtering...
Checking Martian Logging...
Checking /etc/shorewall/masq...
WARNING: Using an interface as the masq SOURCE requires the interface to
be up and configured when Shorewall starts/restarts/reloads
/etc/shorewall/masq (line 1)
Checking MAC Filtration -- Phase 1...
Checking /etc/shorewall/rules...
Checking /etc/shorewall/conntrack...
Checking MAC Filtration -- Phase 2...
Applying Policies...
Checking /usr/share/shorewall/action.Drop for chain Drop...
Checking /usr/share/shorewall/action.Broadcast for chain Broadcast...
Shorewall configuration verified
i have 1 warning, it's masq the problems ?
regards
Olivier
2018-02-27 19:52 GMT+01:00 Tom Eastep <teas...@shorewall.net>:
> On 02/27/2018 08:35 AM, Olivier CALVANO wrote:
> > Hello, I have a problem with my config Quagga / BGP and Shorewall.
> > Whenever I connect a new site and Quagga receives a new prefix I see it
> > on my linux server in route -n but this prefix can not talk with him,
> > Shorewall blocks all flows coming from the prefix. A simple shorewall
> > reload solves the problem but it is painful. Someone already had the
> > problem? thank you
> >
>
> If a simple reload solves the problem, it probably means that you have
> specified a SOURCE interface somewhere that requires Shorewall to use
> the main routing table to create the ruleset. What Shorewall version are
> you running? Does 'shorewall check' produce any warnings?
>
> -Tom
> --
> Tom Eastep \ Q: What do you get when you cross a mobster with
> Shoreline, \ an international standard?
> Washington, USA \ A: Someone who makes you an offer you can't
> http://shorewall.org \ understand
> \_______________________________________________
>
>
> ------------------------------------------------------------
> ------------------
> Check out the vibrant tech community on one of the world's most
> engaging tech sites, Slashdot.org! http://sdm.link/slashdot
> _______________________________________________
> Shorewall-users mailing list
> Shorewall-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/shorewall-users
>
>
------------------------------------------------------------------------------
Check out the vibrant tech community on one of the world's most
engaging tech sites, Slashdot.org! http://sdm.link/slashdot
_______________________________________________
Shorewall-users mailing list
Shorewall-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/shorewall-users
