[Firehol-support] Secondary internet link fails
Costa Tsaousis
costa at tsaousis.gr
Sat Oct 29 18:59:47 BST 2005
Daniel L. Miller wrote:
> Oct 28 10:25:31 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=66.199.29.170
> DST=66.199.29.169 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=41 DF PROTO=ICMP
> TYPE=8 CODE=0 ID=9797 SEQ=42
> Oct 28 10:25:32 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=66.199.29.170
> DST=66.199.29.169 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=42 DF PROTO=ICMP
> TYPE=8 CODE=0 ID=9797 SEQ=43
> Oct 28 10:25:33 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=66.199.29.170
> DST=66.199.29.169 LEN=84 TOS=00 PREC=0x00 TTL=64 ID=43 DF PROTO=ICMP
> TYPE=8 CODE=0 ID=9797 SEQ=44
> Oct 28 11:08:07 foxy OUT-unknown: IN= OUT=eth2 MAC= SRC=192.168.0.1
> DST=66.199.29.175 LEN=78 TOS=00 PREC=0x00 TTL=64 ID=8513 DF PROTO=UDP
> SPT=137 DPT=137 LEN=58
>
OUT-unknown means "none of the defined interfaces matches this traffic".
Also, this is traffic you are trying to send.
To my understanding, if your config is like the one you sent, either:
1. You have a wrong UNROUTABLE_IPS variable, or
2. You have a broken BASH and firehol generates faulty rules.
If you need help, please send me:
a. Your exact config file
b. the output of:
firehol debug
using the config you sent
c.A few log lines, like above, but with the exact config you will send.
Costa
More information about the Firehol-support
mailing list