
We are using Shorewall on a Linux server in our LAN environment. The client machines are using Windows XP.

When I try to connect to a remote machine (the remote machine has a static IP) from my Windows XP machine, Shorewall drops the connection to the static IP. I wrote an exception in the Shorewall rules, but Shorewall still drops the IP. Please see the following log message:

Apr 28 16:13:46 system1 kernel: Shorewall:all2all:DROP:IN=eth1 OUT=eth0 SRC=192.168.21.12 DST=<Static IP> LEN=48 TOS=0x00 PREC=0x00 TTL=127 ID=62316 DF PROTO=TCP SPT=1822 DPT=1723 WINDOW=65535 RES=0x00 SYN URGP=0

The exception rule which I wrote in Shorewall:

ACCEPT :info loc fw tcp 1723

What am I doing wrong?

MDMarra
Boby

1 Answer


The piece of the log statement showing "Shorewall:all2all:DROP" suggests that the packet is not being caught by your written ACCEPT statement, because the default all2all DROP rule (found in the policy file) is being triggered.

The :info part of the ACCEPT rule is a format that I am not familiar with, and could likely be the reason that this rule is not working. I suggest using:

#ACTION         SOURCE          DEST            PROTO   DEST    SOURCE
#                                                       PORT
ACCEPT          loc             fw              tcp     1723

However, the 'fw' zone is (by default) the firewall itself, and therefore will only accept packets if the destination is the firewall's IP itself, and no other clients on any other networks. This could be another reason this rule is not working as expected. You might consider replacing 'fw' with the name of a zone that contains the destination hosts.

nrobey
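As an added illustration, not part of the question or the answer above, here is a small Python model of the reasoning in the answer: it parses the Shorewall kernel-log prefix to show which chain produced the DROP, and checks whether a rules-file line would match the logged packet under a simplified zone model in which 'fw' covers only the firewall's own addresses and every other destination belongs to the zone of the outgoing interface. The interface-to-zone mapping, the firewall's addresses and the documentation address standing in for the <Static IP> placeholder are constructed assumptions, and the matching logic is a simplification for teaching purposes, not Shorewall's own implementation.

```python
import ipaddress
import re
from dataclasses import dataclass, field

# Constructed sample line, adapted from the log line in the question: the
# <Static IP> placeholder has been replaced with a documentation address.
SAMPLE_LOG = (
    "Apr 28 16:13:46 system1 kernel: Shorewall:all2all:DROP:IN=eth1 OUT=eth0 "
    "SRC=192.168.21.12 DST=203.0.113.10 LEN=48 TOS=0x00 PREC=0x00 TTL=127 "
    "ID=62316 DF PROTO=TCP SPT=1822 DPT=1723 WINDOW=65535 RES=0x00 SYN URGP=0"
)

# Shorewall's log prefix is "Shorewall:<chain>:<disposition>:" followed by
# the usual netfilter KEY=VALUE fields.
LOG_RE = re.compile(r"Shorewall:(?P<chain>[^:]+):(?P<disp>[A-Z]+):(?P<fields>.*)$")


def parse_shorewall_log(line):
    """Return chain, disposition and packet fields of a Shorewall log line, or None."""
    m = LOG_RE.search(line)
    if not m:
        return None
    kv = dict(f.split("=", 1) for f in m["fields"].split() if "=" in f)
    return {
        "chain": m["chain"],        # e.g. all2all: a policy chain, not a rule
        "disposition": m["disp"],   # e.g. DROP
        "in": kv.get("IN"), "out": kv.get("OUT"),
        "src": kv.get("SRC"), "dst": kv.get("DST"),
        "proto": kv.get("PROTO", "").lower(),
        "dport": int(kv["DPT"]) if "DPT" in kv else None,
    }


@dataclass
class ZoneModel:
    """Assumed simplification: one zone per interface; 'fw' = the firewall's own IPs."""
    iface_zone: dict                               # interface -> zone name
    fw_addrs: set = field(default_factory=set)     # addresses owned by the firewall box

    def src_zone(self, pkt):
        return self.iface_zone.get(pkt["in"])

    def dst_zone(self, pkt):
        # Only packets addressed to the firewall itself are in the 'fw' zone.
        if pkt["dst"] and ipaddress.ip_address(pkt["dst"]) in self.fw_addrs:
            return "fw"
        return self.iface_zone.get(pkt["out"])


def parse_rule(line):
    """Split one rules-file line into ACTION SOURCE DEST PROTO DEST-PORT columns."""
    cols = line.split()
    if len(cols) < 3:
        raise ValueError("rule needs at least ACTION SOURCE DEST")
    return {
        "action": cols[0],
        "source": cols[1],      # a stray ':info' token would land in this column
        "dest": cols[2],
        "proto": cols[3].lower() if len(cols) > 3 else None,
        "dports": cols[4] if len(cols) > 4 else None,
    }


def _port_matches(spec, port):
    """DEST PORT column: '-' or empty means any; otherwise comma list of n or lo:hi."""
    if spec is None or spec == "-":
        return True
    if port is None:
        return False
    for item in spec.split(","):
        lo, _, hi = item.partition(":")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False


def rule_matches(rule, pkt, model):
    """True if the rule's zones, protocol and destination port all match the packet."""
    if rule["source"] != model.src_zone(pkt) or rule["dest"] != model.dst_zone(pkt):
        return False
    if rule["proto"] not in (None, "-", pkt["proto"]):
        return False
    return _port_matches(rule["dports"], pkt["dport"])


def first_matching_rule(rules, line, model):
    """Index of the first rule that would match the logged packet, or None (policy decides)."""
    pkt = parse_shorewall_log(line)
    if pkt is None:
        return None
    for i, r in enumerate(rules):
        if rule_matches(parse_rule(r), pkt, model):
            return i
    return None


# Constructed model: eth1 is the LAN (loc), eth0 leads towards the remote host (net),
# and the two addresses below are assumed to be the firewall's own.
MODEL = ZoneModel({"eth1": "loc", "eth0": "net"},
                  {ipaddress.ip_address("192.168.21.1"), ipaddress.ip_address("198.51.100.1")})

if __name__ == "__main__":
    print("dropped by chain:", parse_shorewall_log(SAMPLE_LOG)["chain"])
    for rule in ("ACCEPT loc fw tcp 1723", "ACCEPT loc net tcp 1723"):
        hit = first_matching_rule([rule], SAMPLE_LOG, MODEL)
        print(f"{rule!r}: {'matches' if hit is not None else 'no match, policy decides'}")
```

Run as a script it reports that the sample packet was dropped by the all2all chain, that the loc-to-fw rule does not match it (the destination is not one of the firewall's addresses, so under this model it is in the net zone), and that a loc-to-net rule for the same port would.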