I am having what appears to be a problem with dropping of incoming packets. I have been running Shorewall for almost a year and have had little trouble until I started on this development project.
On this project, I have to connect to port 1129 on a remote server, pass an XML document and receive an XML document in reply.
I am able to connect to the port, but it appears that the data coming back is being dropped, even though there are no log entries indicating such.
eth0 is our internal network, eth2 is connected to our T1 router.
My policy file is:
#CLIENT   SERVER   POLICY   LOG LEVEL
local     net      ACCEPT
local     dmz      ACCEPT
local     tunnel   ACCEPT
local     fw       ACCEPT
fw        local    ACCEPT
fw        dmz      ACCEPT
fw        tunnel   ACCEPT
dmz       local    ACCEPT
tunnel    local    ACCEPT
net       all      DROP     info
all       all      REJECT   info
#LAST LINE -- ADD YOUR ENTRIES ABOVE THIS LINE -- DO NOT REMOVE
I have no specific rules relating to port 1129 as the connection is opened from a local machine.
My interfaces file contains:
#ZONE   INTERFACE   BROADCAST        OPTIONS
net     eth2        65.107.12.191    multi,norfc1918
dmz     eth1        172.16.1.255     routestopped
local   eth0        10.1.255.255     routestopped,dhcp
Here is what IPtraf shows is happening:
TCP Connections (Source Host:Port)   Packets   Bytes   Flags   Iface
teton.shopsite.com:51383             8         2223    DONE    eth0
secure.linkpt.net:1129               8         1431    DONE    eth0
firebreak.shopsite.com:51383         8         2223    --A-    eth2
secure.linkpt.net:1129               0         0       ----    eth2
secure.linkpt.net:1129               8         1431    RESET   eth2
teton.shopsite.com:51383             0         0       ----    eth2
Do I need to add a rule to specifically allow the traffic coming back?
Thanks,
--Richard
--
Richard B. Pyne
Software Engineer
ShopSite, Inc.
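The IPtraf table in the post is the evidence that the reply path is broken: on eth2 the outbound side of the connection shows packets while its partner row shows none, and the remote side ends in RESET. The script below is an added troubleshooting example, not part of the original post and not Shorewall or IPtraf code. It parses an IPtraf-style TCP connection listing and reports flows where one direction carried packets and the other carried zero on the same interface, which is what a firewall silently dropping return traffic (or a NAT/routing mismatch) looks like in a per-interface view. It assumes, as IPtraf's display does, that the two directions of a connection appear as adjacent rows; the sample table is constructed from the values quoted in the post.

```python
"""Flag one-way TCP flows in an IPtraf-style connection table.

Added example for this thread; not code from the original post, from
Shorewall or from IPtraf. Assumption: IPtraf prints the two directions of
each TCP connection as two consecutive rows, so rows are paired in order.
"""
from dataclasses import dataclass
from typing import List, Tuple

# Constructed sample, copied from the table quoted in the post.
SAMPLE = """\
TCP Connections (Source Host:Port) Packets Bytes Flags Iface
teton.shopsite.com:51383 8 2223 DONE eth0
secure.linkpt.net:1129 8 1431 DONE eth0
firebreak.shopsite.com:51383 8 2223 --A- eth2
secure.linkpt.net:1129 0 0 ---- eth2
secure.linkpt.net:1129 8 1431 RESET eth2
teton.shopsite.com:51383 0 0 ---- eth2
"""


@dataclass
class Row:
    host: str
    port: int
    packets: int
    nbytes: int
    flags: str
    iface: str

    def endpoint(self) -> str:
        return f"{self.host}:{self.port}"


def parse_rows(text: str) -> List[Row]:
    """Parse data rows; the header line and anything malformed is skipped."""
    rows: List[Row] = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 5 or ":" not in parts[0]:
            continue  # header, blank line or unrelated output
        host, _, port = parts[0].rpartition(":")
        try:
            rows.append(Row(host, int(port), int(parts[1]), int(parts[2]),
                            parts[3], parts[4]))
        except ValueError:
            continue  # non-numeric field: not a connection row
    return rows


def pair_flows(rows: List[Row]) -> List[Tuple[Row, Row]]:
    """Group adjacent rows as the two directions of one connection (assumption above)."""
    return [(rows[i], rows[i + 1]) for i in range(0, len(rows) - 1, 2)]


def one_way_flows(rows: List[Row]) -> List[Tuple[str, str, str]]:
    """Return (iface, talking endpoint, silent endpoint) for every pair where
    one side carried packets on an interface and the other side carried none.
    Such a pair is the per-interface signature of dropped or misrouted replies."""
    findings: List[Tuple[str, str, str]] = []
    for a, b in pair_flows(rows):
        if a.iface != b.iface:
            continue  # only compare directions seen on the same interface
        if a.packets > 0 and b.packets == 0:
            findings.append((a.iface, a.endpoint(), b.endpoint()))
        elif b.packets > 0 and a.packets == 0:
            findings.append((b.iface, b.endpoint(), a.endpoint()))
    return findings


def reset_flows(rows: List[Row]) -> List[Tuple[str, str]]:
    """Return (iface, endpoint) for rows IPtraf marked RESET; a reset seen on the
    outside interface with no matching inside traffic points at the firewall hop."""
    return [(r.iface, r.endpoint()) for r in rows if r.flags == "RESET"]


if __name__ == "__main__":
    parsed = parse_rows(SAMPLE)
    for iface, talker, silent in one_way_flows(parsed):
        print(f"{iface}: {talker} sent packets, nothing seen from {silent}")
    for iface, ep in reset_flows(parsed):
        print(f"{iface}: connection with {ep} was RESET")
```

Run against the posted table it reports two one-way pairs on eth2 and one RESET, while the eth0 pair is symmetric (8 packets each way), which localises the loss to the external side of the firewall rather than the internal segment.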