Mail archive

Re: [alpine-devel] edge 120403: bug in netfilter?

From: Leonardo Arena <>
Date: Mon, 16 Apr 2012 08:08:36 +0200

On Sat, Apr 14, 2012 at 8:22 AM, Leonardo Arena <> wrote:
> On Fri, Apr 13, 2012 at 10:15 PM, Natanael Copa <> wrote:
>> On Fri, 13 Apr 2012 08:53:36 +0200
>>> Anybody noticed the same issue, or am I missing something obvious?
>> Did you add the interface to any zone?
> Yes, of course. Zones, Interfaces and Policy are fully configured.
> Doesn't look like it's a Shorewall issue, as I was able to reproduce
> it with iptables only.

"iptables -L E2fw -vn shows that the ACCEPT rule isn't matched (0 pkts).
I can observe the same behaviour with the following rule too:

ACCEPT inet:$MYIP fw udp 514

Incoming syslog packets aren't matched by the rule. It seems that they
are dropped early.
All dropped packets are logged via "info" but I don't see any dropped
packet in busybox syslog.

- leonardo

Received on Mon Apr 16 2012 - 08:08:36 UTC