thr3ads.net - Shorewall users - [Shorewall-users] sane network scanning problem [Aug 2003]

If this information is useful, please help other people find it:
Share via:

Joerg Hollaender

2003-Aug-31 04:25 UTC

[Shorewall-users] sane network scanning problem

Hallo,
i  have  a  problem to configure shorewall to enable scanning over the
network with sane.

The scanner is located at the firewall hosts local interface.
Why do i get a "all2all" message and not "loc2loc"




Aug 25 14:55:26 router saned[26946]: saned from sane-backends 1.0.11 ready
Aug 25 14:55:26 router saned[26946]: check_host: access by remote host:
192.168.0.250
Aug 25 14:55:26 router saned[26946]: init: access by root@192.168.0.250 accepted
Aug 25 14:55:27 router kernel: Attached scsi generic sg1 at scsi0, channel 0, id
6, lun 0,  type 3
Aug 25 14:55:31 router kernel: Shorewall:all2all:REJECT:IN=eth1 OUT= MAC=
SRC=192.168.0.250 DST=192.168.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=34730 DF
PROTO=TCP SPT=1772 DPT=2894 WINDOW=16960 RES=0x00 SYN URGP=0
Aug 25 14:55:32 router kernel: Shorewall:all2all:REJECT:IN=eth1 OUT= MAC=
SRC=192.168.0.250 DST=192.168.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=34764 DF
PROTO=TCP SPT=1772 DPT=2894 WINDOW=16960 RES=0x00 SYN URGP=0
Aug 25 14:55:32 router kernel: Shorewall:all2all:REJECT:IN=eth1 OUT= MAC=
SRC=192.168.0.250 DST=192.168.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=34802 DF
PROTO=TCP SPT=1772 DPT=2894 WINDOW=16960 RES=0x00 SYN URGP=0

-- 
Best regards,
 Joerg                          mailto:joerg.hollaender@post.rwth-aachen.de

John Andersen

2003-Aug-31 16:58 UTC

head link

[Shorewall-users] sane network scanning problem

What does your policy say?
If policy rejects this, you will need rules to enable it.

On Monday 25 August 2003 05:09 am, Joerg Hollaender
wrote:> Hallo,
> i  have  a  problem to configure shorewall to enable scanning over the
> network with sane.
>
> The scanner is located at the firewall hosts local interface.
> Why do i get a "all2all" message and not "loc2loc"
>
>
>
>
> Aug 25 14:55:26 router saned[26946]: saned from sane-backends 1.0.11 ready
> Aug 25 14:55:26 router saned[26946]: check_host: access by remote host:
> 192.168.0.250 Aug 25 14:55:26 router saned[26946]: init: access by
> root@192.168.0.250 accepted Aug 25 14:55:27 router kernel: Attached scsi
> generic sg1 at scsi0, channel 0, id 6, lun 0,  type 3 Aug 25 14:55:31
> router kernel: Shorewall:all2all:REJECT:IN=eth1 OUT= MAC= SRC=192.168.0.250
> DST=192.168.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=34730 DF PROTO=TCP
> SPT=1772 DPT=2894 WINDOW=16960 RES=0x00 SYN URGP=0 Aug 25 14:55:32 router
> kernel: Shorewall:all2all:REJECT:IN=eth1 OUT= MAC= SRC=192.168.0.250
> DST=192.168.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=34764 DF PROTO=TCP
> SPT=1772 DPT=2894 WINDOW=16960 RES=0x00 SYN URGP=0 Aug 25 14:55:32 router
> kernel: Shorewall:all2all:REJECT:IN=eth1 OUT= MAC= SRC=192.168.0.250
> DST=192.168.0.1 LEN=52 TOS=0x00 PREC=0x00 TTL=128 ID=34802 DF PROTO=TCP
> SPT=1772 DPT=2894 WINDOW=16960 RES=0x00 SYN URGP=0
-- 
John Andersen - NORCOM
http://www.norcomsoftware.com/

Maybe Matching Threads

Search for more seemingly similar threads

Shorewall users - Aug 2003 - sane network scanning problem

[Shorewall-users] sane network scanning problem

[Shorewall-users] sane network scanning problem

Maybe Matching Threads