On Monday 08 September 2003 11:49 pm, Ed Greshko wrote: > On Tue, 2003-09-09 at 11:18, Reuben D. Budiardja wrote: > After rereading your previous email and the rest of this email I have a > better understanding of your configuration. While you didn't say it I > think you are running you clients on the same machine as the firewall.
oopss... sorry. It must have slipped me that I didn't say that explicitly (it was late). But you're correct, I am running a client on the same machine as the firewall. > Take a look at your policy file in shorewall. It most likely has a > policy of "fw loc ACCEPT". This takes care of all client needs. Okay, this clear things up. I use the default one from the shorewall package, and it has fw net ACCEPT I assume it provides the similar effect. > > Sep 8 13:50:38 voyager kernel: Shorewall:newnotsyn:DROP:IN= OUT=eth0 > > SRC=160.36.28.203 DST=160.36.28.37 LEN=52 TOS=0x10 PREC=0x00 TTL=64 > > ID=5888 DF PROTO=TCP SPT=60452 DPT=22 WINDOW=62640 RES=0x00 ACK RST > > URGP=0 > > > > I'm not sure if this is because I don't open the necessary port, or an > > artifact of something else going on. > > Something else.... Please go back the the shorewall website and find > information on "NEWNOTSYNC". Okay. I did check te FAQs about newnotsyn before I posted, and if I understand it correctly, I think I can savely ignore this. I'm still ignorant in this netfilter business, that's why I just wanted to make sure I don't miss anything. Thanks again for your help. RDB -- Reuben D. Budiardja Department of Physics and Astronomy The University of Tennessee, Knoxville, TN ------------------------------------------------- /"\ ASCII Ribbon Campaign against HTML \ / email and proprietary format X attachments. / \ ------------------------------------------------- Have you been used by Microsoft today? Choose your life. Choose freedom. Choose LINUX. ------------------------------------------------- -- redhat-list mailing list unsubscribe mailto:[EMAIL PROTECTED] https://www.redhat.com/mailman/listinfo/redhat-list
