From: John A. <js...@no...> - 2006-07-29 07:43:49
Just last month I installed 3.0.8 (only to find myself back level again). Looking at the logging I found this oddity that differs from the prior version, and seems less useful, because it's hard to see where the packets actually went. Sample:

-------
Old version:

Rule: DNAT:info net loc:192.168.2.9:5900 tcp 5910

Resultant Log:

Jul 28 22:21:21 norcomix kernel: Shorewall:net2loc:DNAT:IN=eth0 OUT=eth1 SRC=206.174.67.201 DST=192.168.2.9 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=22326 DF PROTO=TCP SPT=4516 DPT=5900 WINDOW=65535 RES=0x00 SYN URGP=0

New Version: 3.0.6

Rule: DNAT:info net loc:192.168.0.2:5905 tcp 5909

Resultant Log:

Jul 28 22:25:45 haight kernel: Shorewall:net_dnat:DNAT:IN=eth0 OUT= MAC=00:13:72:f7:8f:ea:00:0f:35:2a:c8:00:08:00 SRC=206.174.67.201 DST=24.23X.XXX.112 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=23219 DF PROTO=TCP SPT=1885 DPT=5909 WINDOW=65535 RES=0x00 SYN URGP=0
----------

The old version listed the IP and MAC address of the machine on the LAN (192.168.2.9). In the new version, the DST IP is reported as the external interface IP of the firewall, rather than the IP of the internal machine that the rule routed it to. (I obfuscated the IP a bit.) All my rules were in the NEW section (by default).

John Andersen
js...@no...
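As an added example (not code from the mail or from the Shorewall project), a small Python parser for the two kernel log lines quoted above: it splits each line into chain, disposition and KEY=VALUE fields, then flags whether the DST address was captured before or after the DNAT rewrite. The OUT= check relies on the netfilter fact that a LOG in PREROUTING (where DNAT runs) has no output interface yet; the `_dnat` naming check is an assumption about how Shorewall names its nat-table chains.

```python
import re

# The two kernel log lines from the mail, embedded here as sample input.
# "24.23X.XXX.112" is the poster's own obfuscation and is kept as-is.
OLD_LOG = ("Jul 28 22:21:21 norcomix kernel: Shorewall:net2loc:DNAT:IN=eth0 OUT=eth1 "
           "SRC=206.174.67.201 DST=192.168.2.9 LEN=48 TOS=0x00 PREC=0x00 TTL=124 ID=22326 "
           "DF PROTO=TCP SPT=4516 DPT=5900 WINDOW=65535 RES=0x00 SYN URGP=0")
NEW_LOG = ("Jul 28 22:25:45 haight kernel: Shorewall:net_dnat:DNAT:IN=eth0 OUT= "
           "MAC=00:13:72:f7:8f:ea:00:0f:35:2a:c8:00:08:00 SRC=206.174.67.201 "
           "DST=24.23X.XXX.112 LEN=48 TOS=0x00 PREC=0x00 TTL=125 ID=23219 DF PROTO=TCP "
           "SPT=1885 DPT=5909 WINDOW=65535 RES=0x00 SYN URGP=0")

# Shorewall's log prefix is "Shorewall:<chain>:<disposition>:" followed by the
# kernel's KEY=VALUE fields; chain and disposition never contain a colon.
PREFIX_RE = re.compile(r"kernel: Shorewall:(?P<chain>[^:]+):(?P<disp>[^:]+):(?P<rest>.*)$")


def parse_shorewall_log(line):
    """Return a dict with chain, disposition, every KEY=VALUE field, and a list of
    bare flags (DF, SYN, ...). An empty value such as 'OUT=' is kept as ''."""
    m = PREFIX_RE.search(line)
    if not m:
        raise ValueError("not a Shorewall log line")
    rec = {"chain": m.group("chain"), "disposition": m.group("disp"), "flags": []}
    for tok in m.group("rest").split():
        if "=" in tok:
            key, value = tok.split("=", 1)   # MAC= contains colons, so split once
            rec[key] = value
        else:
            rec["flags"].append(tok)
    return rec


def dst_is_pre_dnat(rec):
    """True when DST still holds the pre-translation (external) address.

    In PREROUTING no routing decision has been made, so the kernel logs OUT=
    with no interface: that is where DNAT rewrites DST, so DST is the address
    the packet arrived with. A zone2zone filter chain (net2loc) logs in
    FORWARD, after translation, with both IN and OUT set.
    Assumption: Shorewall names its nat-table chains with a '_dnat' suffix."""
    return rec.get("OUT", "") == "" or rec["chain"].endswith("_dnat")
```

Running `parse_shorewall_log` over both lines shows the old entry as a post-DNAT FORWARD log (DST is the LAN host) and the new one as a pre-DNAT log, which is why the internal destination no longer appears.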