[ale] Iptables weirdness

Jim Kinney jim.kinney at gmail.com
Mon Feb 16 08:35:38 EST 2015


I've got a firewall/router running CentOS 7. I've disabled firewalld and
enabled iptables instead while I learn the new firewalld.

The box has a WAN NIC with 3 IPs. One for itself and the other 2 for other
systems. I'm using NAT and have pre and post routing rules to do the
translation.

Now for the weirdness.

One works and the other doesn't.

The rules are identical except for IPs. The rest of the LAN is simply NAT
translated outbound. They all work. One server, the :2 on the NIC, can't get
outside at all if on the static translate. The :1 machine is fine.

Doing a tcpdump shows ping to WAN gateway going out and returning to
outside NIC but it then gets lost in the redirect.

There are explicit forward rules for needed ports but I opened it to all
ports for the troubled machine.

It's a new machine that passed a full memtest+ run.

I'm stumped.