Jan Mulders wrote:
> Hello,
>
> I've got a process on my machine that needs to query a daemon
> listening on port 1816, UDP. It's basically not working.
>
> root@betabitch [/etc/shorewall]# tcpdump -i lo
> tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
> listening on lo, link-type EN10MB (Ethernet), capture size 96 bytes
> 14:19:34.332311 IP localhost.32946 > localhost.1816: UDP, length 97
> 14:19:35.332405 IP localhost.32947 > localhost.1816: UDP, length 97
> 14:19:36.332147 IP localhost.1816 > localhost.32946: UDP, length 20
> 14:19:37.331962 IP localhost.1816 > localhost.32947: UDP, length 20
> 14:19:37.331999 IP localhost > localhost: icmp 56: localhost udp port
> 32947 unreachable
>
> What rule should I add to make this work?

You have messed up terribly if Shorewall is stopping this connection in the
first place! There are only a handful of scenarios where it makes any sense
whatsoever to have fw<->fw policies or rules.
Do you have a fw->fw policy? If so, why?
Do you have any fw->fw rules? If so, why?
Do you see Shorewall messages when you try this UDP connection?
Does it work if you "shorewall clear"?
-Tom
--
Tom Eastep \ Nothing is foolproof to a sufficiently talented fool
Shoreline, \ http://shorewall.net
Washington USA \ teastep@shorewall.net
PGP Public Key \ https://lists.shorewall.net/teastep.pgp.key