X-Original-To: alpine-devel@lists.alpinelinux.org
Delivered-To: alpine-devel@mail.alpinelinux.org
Received: from mail-pb0-f54.google.com (mail-pb0-f54.google.com [209.85.160.54])
	(using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits))
	(No client certificate requested)
	by mail.alpinelinux.org (Postfix) with ESMTPS id 225FFDC0413
	for <alpine-devel@lists.alpinelinux.org>; Mon, 16 Apr 2012 06:08:37 +0000 (UTC)
Received: by pbcwz17 with SMTP id wz17so6234243pbc.13
        for <alpine-devel@lists.alpinelinux.org>; Sun, 15 Apr 2012 23:08:37 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20120113;
        h=mime-version:in-reply-to:references:date:message-id:subject:from:to
         :cc:content-type;
        bh=iNBiVPXBZOGcSw05KD3R+4//ea/t7k1y2hS80wK6MX0=;
        b=VMwt2PkRs8HfdsjvfsCWgIdyOo6iZcnkpyImJI6r6VJVgTWuk/0KtGhOVKaBaAkOfn
         5tjwMcaSv7rhgiUp4zh1NLB96Hpelx7Jeb1XpXDE/XbX6Dy6v16pXTfRkzGnmCXbszuh
         rL0LS3Z/25GSMElBlwmpi+KvMgmIkv4lpmCB0Gi7II5Qb2M46Y1xruB5PXHJ9w5mcyAa
         lI9nD7rs1rPS0ChsfYEQCNKGqXXlVliDd/Y/Ury4WZPZW6EPb2KhcbUo58WllGl9Yivl
         AFtgFKdA0VlqmlNyySbc6scmp2ams64Dvd3s/AT0rssGNQy422Cc0WVJ6JpJf38YC9E7
         aUQA==
X-Mailinglist: alpine-devel
Precedence: list
List-Id: Alpine Development <alpine-devel.lists.alpinelinux.org>
List-Unsubscribe: 
	<mailto:alpine-devel+unsubscribe@lists.alpinelinux.org?subject=unsubscribe>
List-Post: <mailto:alpine-devel@lists.alpinelinux.org>
List-Help: <mailto:alpine-devel+help@lists.alpinelinux.org?subject=help>
List-Subscribe: 
	<mailto:alpine-devel+subscribe@lists.alpinelinux.org?subject=subscribe>
MIME-Version: 1.0
Received: by 10.68.232.231 with SMTP id tr7mr25353380pbc.63.1334556517011;
 Sun, 15 Apr 2012 23:08:37 -0700 (PDT)
Received: by 10.68.141.231 with HTTP; Sun, 15 Apr 2012 23:08:36 -0700 (PDT)
In-Reply-To: <CAGG_d8CMDHr4DnoSz2AEe3s99Cyv+Q4wYActSvC_G36HXbx91g@mail.gmail.com>
References: <1334300016.25030.15.camel@df1844j>
	<20120413221535.16060469@alpinelinux.org>
	<CAGG_d8CMDHr4DnoSz2AEe3s99Cyv+Q4wYActSvC_G36HXbx91g@mail.gmail.com>
Date: Mon, 16 Apr 2012 08:08:36 +0200
Message-ID: <CAGG_d8BUZGQp7RAn548CrqfQs+N982zk8Pkdkn19HsTWTUja0g@mail.gmail.com>
Subject: Re: [alpine-devel] edge 120403: bug in netfilter?
From: Leonardo Arena <rnalrd@gmail.com>
To: Natanael Copa <ncopa@alpinelinux.org>
Cc: Alpine-devel <alpine-devel@lists.alpinelinux.org>
Content-Type: text/plain; charset=ISO-8859-1

On Sat, Apr 14, 2012 at 8:22 AM, Leonardo Arena <rnalrd@gmail.com> wrote:
> On Fri, Apr 13, 2012 at 10:15 PM, Natanael Copa <ncopa@alpinelinux.org> wrote:
>> On Fri, 13 Apr 2012 08:53:36 +0200
>>> Anybody noticed the same issue, or am I missing something obvious?
>>
>> Did you add the interface to any zone?
>
> Yes, of course. Zones, Interfaces and Policy are fully configured.
> Doesn't look like it's a Shorewall issue, as I was able to reproduce
> it with iptables only.

"iptables -L E2fw -vn shows that the ACCEPT rule isn't matched (0 pkts).
I can observe the same behaviour with the following rule too:

ACCEPT		inet:$MYIP	fw		udp	514

Incoming syslog packets aren't matched by the rule. It seems that they
are dropped early.
All dropped packets are logged via "info" but I don't see any dropped
packet in busybox syslog.

- leonardo


---
Unsubscribe:  alpine-devel+unsubscribe@lists.alpinelinux.org
Help:         alpine-devel+help@lists.alpinelinux.org
---