On Fri, 04 May 2007 00:45:06 -0700, Pierguido <[EMAIL PROTECTED]> wrote:
Karl E. Jorgensen wrote:
Strange: With this rule as the *first* rule in the OUTPUT chain,
*everything* outgoing should be accepted, regardless of source,
destination or protocol!?
out_lan 0 -- 192.168.30.103 0.0.0.0/0
out_public_lan_124 0 -- 192.168.100.2 0.0.0.0/0
out_public_lan_125 0 -- 192.168.100.5 0.0.0.0/0
ACCEPT 0 -- 0.0.0.0/0 0.0.0.0/0 state RELATED
ULOG 0 -- 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `'OUT-unknown:'' queue_threshold 1
And yet your log entry appears to be the result of this rule...
DROP 0 -- 0.0.0.0/0 0.0.0.0/0
Are you 100% sure that these were the rules in effect at the time of the
log entry? It's not making sense ...
Yes... 100% sure... I was doing many tests and the result was that I had to
disable firehol (and iptables as well).
Check an iptables-save output to see if these rules are matched
against a different interface than intended.
--
Octavio.
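
One way to run the iptables-save check suggested above, as an added example that is not part of any post in this thread: `iptables -L` without `-v` omits the interface columns, so a rule bound to one interface prints like an unconditional one, while iptables-save shows the `-o` match. The ruleset, the interface names `eth0` and `lo`, and the function names below are constructed for illustration.

```python
import shlex

# Constructed iptables-save sample (not from the thread). In `iptables -L`
# without -v, rule 1 would print as an unconditional ACCEPT.
SAMPLE = """\
*filter
:OUTPUT DROP [0:0]
:out_lan - [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -s 192.168.30.103/32 -o eth0 -j out_lan
-A OUTPUT ! -o eth+ -m state --state RELATED -j ACCEPT
-A OUTPUT -m limit --limit 1/sec -j ULOG --ulog-prefix "OUT-unknown:"
-A OUTPUT -j DROP
-A out_lan -p tcp -j ACCEPT
COMMIT
"""

def parse_rules(text, table="filter"):
    """Return {chain: [rule, ...]} for one table of iptables-save output."""
    chains, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("*"):
            current = line[1:]
        elif current == table and line.startswith("-A "):
            tok = shlex.split(line)
            rule = {"raw": line, "out": None}
            for i, t in enumerate(tok[:-1]):
                if t in ("-o", "--out-interface"):
                    # Assumes the current "! -o name" negation syntax.
                    rule["out"] = ("!" if tok[i - 1] == "!" else "") + tok[i + 1]
            chains.setdefault(tok[1], []).append(rule)
    return chains

def iface_mismatches(chains, chain, iface):
    """(position, rule) pairs in `chain` whose -o match excludes `iface`."""
    found = []
    for pos, rule in enumerate(chains.get(chain, []), 1):
        if rule["out"] is None:
            continue  # no interface match: applies to every interface
        negated, name = rule["out"].startswith("!"), rule["out"].lstrip("!")
        # A trailing "+" is iptables' wildcard: eth+ matches eth0, eth1, ...
        hit = iface.startswith(name[:-1]) if name.endswith("+") else iface == name
        if hit == negated:
            found.append((pos, rule["raw"]))
    return found

if __name__ == "__main__":
    for pos, raw in iface_mismatches(parse_rules(SAMPLE), "OUTPUT", "eth0"):
        print(f"OUTPUT rule {pos} can never match traffic leaving eth0: {raw}")
```

To check a live ruleset, pass the saved output of `iptables-save` to `parse_rules` in place of `SAMPLE`, with the interface the logged packet actually left on.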