This discussion has been locked.

You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Problems with paketfilter

i`ve just created a paketfilter rule, that should allow all traffic from a host in my internal network to the internet. the rule looks like:

hostname -> All -> All

But the paketfilterlog shows me:

2007:05:22-15:57:18 (none) ulogd[2732]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60001" initf="eth0" dstmac="00:1a:4b:0a:68:8c" srcmac="00:11:0a:a1:18:5a" srcip="hostname" dstip="astaro" proto="17" length="44" tos="0x00" prec="0x00" ttl="32" srcport="3217" dstport="38293"

whats wrong?

This thread was automatically locked due to age.

Parents

0 BrucekConvergent over 18 years ago

"Any" does not include any IPs on the external or internal interfaces... I'm assuming the DstIP in your logfile excerpt is either an internal or external IP on the Astaro unit itself?
Cancel
Vote Up 0 Vote Down

Cancel

Reply

0 BrucekConvergent over 18 years ago

"Any" does not include any IPs on the external or internal interfaces... I'm assuming the DstIP in your logfile excerpt is either an internal or external IP on the Astaro unit itself?
Cancel
Vote Up 0 Vote Down

Cancel

Children

0 cotto over 18 years ago in reply to BrucekConvergent

right. the dstip is the internal ip on the astaro
Cancel
Vote Up 0 Vote Down

Cancel
0 BrucekConvergent over 18 years ago in reply to cotto

So, can you access the internet? That log entry shouldn't be a problem-- If you can't access the Internet, do you have a Masquerade rule set in the NAT config?
Cancel
Vote Up 0 Vote Down

Cancel