[ale] Iptables weirdness

Jim Kinney jim.kinney at gmail.com
Mon Feb 16 08:51:30 EST 2015


I'm on my phone at the moment. I'll get on a keyboard and pull data shortly.

It does show rules so it's running. I'll include the setup rules for clarity.

Oh. NetworkManager is not controlling the process at all. In RHEL7 it's
supposed to be able to do many, many things that could only be done with
manual tricks. But the new process is far more complicated than doing it
manually for the simple setup I have.

On Feb 16, 2015 8:42 AM, "Alex Carver" <agcarver+ale at acarver.net> wrote:

> What are the current rules as listed by iptables -n -L and iptables -n
> -L -t nat?
>
> On 2015-02-16 05:35, Jim Kinney wrote:
> > I've got a firewall/router running centos 7. I've disabled firewalld and
> > enabled iptables instead while I learn the new firewalld.
> >
> > The box has a WAN nic with 3 IPs. One for itself and the other 2 for other
> > systems. I'm using nat and have pre and post routing rules to do the
> > translation.
> >
> > Now for the weirdness.
> >
> > One works and the other doesn't.
> >
> > The rules are identical except for IPs. The rest of the LAN is simply nat
> > translated outbound. They all work. One server, the :2 on the nic can't get
> > outside at all if one the static translate. The :1 machine is fine.
> >
> > Doing a tcpdump shows ping to WAN gateway going out and returning to
> > outside nic but it then gets lost in the redirect.
> >
> > There are explicit forward rules for needed ports but I opened it to all
> > ports for the troubled machine.
> >
> > It's a new machine that passed a full memtest+ run.
> >
> > I'm stumped.