From: Tom E. <te...@sh...> - 2011-01-27 00:53:50
|
On 1/26/11 12:51 PM, Tom Eastep wrote: > > Are you using a proxy like Squid? If so, that is bypassing the rule. > Otherwise, please collect the output of 'shorewall dump' and submit it > along with the information requested at > http://www.shorewall.net/support.htm#Guidelines. Of course, you could also have ACCEPT, DNAT or REJECT rules above your REJECT rule in /etc/shorewall/rules. From the shorewall-rules man page: "For any particular (source,dest) pair of zones, the rules are evaluated in the order in which they appear in this file and the first terminating match is the one that determines the disposition of the request. All rules are terminating except LOG and COUNT rules." -Tom -- Tom Eastep \ When I die, I want to go like my Grandfather who Shoreline, \ died peacefully in his sleep. Not screaming like Washington, USA \ all of the passengers in his car http://shorewall.net \________________________________________________ |