FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian ISP

LinkBack Thread Tools
Old 06-05-2008, 07:45 AM
Default shorewall routing vserver

have a little question.

i have some troubles sending and receiving from my mailserver to 3
different mail servers, the strange thing was it wasn't really clear in
the mail logs why it was rejected if it arrived at all.
turns out that it is being blocked by my firewall.

i am running vservers with a private ip address like 192.168.1.* and i
do the routing via shorewall.

Shorewall:fw2dmz:REJECT:IN= OUT=dummy0 SRC= DST=192.112.***.**
and also
Jun 4 18:54:38 host kernel: martian source from
192.112.***.**, on dev eth0

not sure how or why but it does struck me that the mail servers i have
unexplained trouble with, have IP addresses starting with 192.112 and
the martian source can be suppressed by disabling the routefilter option
in /shorewall/interfaces and adding
"DROP:info net: all"
in /shorewall/rules

but it does make me think that somehow 192.112.* is being seen as an
address in a private range, hence the martian notice.
at first i figured to have made some sloppy shorthand like 192.*
somewhere, but i can't trace that back in any of the files.

not sure if shorewall has a manual option for setting wich ranges are
private or what triggers it to send traffic to be send to DMZ instead
of to NET.
but then again...this would be me accusing the shorewall developer of a
lack of understanding in TCP/IP networking...........don't think so

could it be another vserver advertising to listen on 192.*???

To UNSUBSCRIBE, email to debian-isp-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Thread Tools

All times are GMT. The time now is 04:38 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org