[Shorewall-users] norfc1918 not working in SW 2.2.1?

Tom Eastep teastep at shorewall.net
Thu Mar 10 07:25:23 PST 2005


Stijn Jonker wrote:

> 
> For the host mentioned is a single interface setup, if i ping 10.10.10.1
> it's dropped on the all2all chain. But a "telnet 10.10.10.1 80" is
> happely forwarded towards the def gateway (which is also running
> shorewall) and then onto the net.
> 
> Is somebody else seeing this as well, or can tell me where what I'm
> missing with this issue?
> 

You are missing that the 'norfc1918' option does ingress filtering, not
egress filtering.

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep at shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key


More information about the Shorewall-users mailing list