* Packets stops traversing after nat PREROUTING
@ 2010-04-14 8:30 Oguz Yilmaz
2010-04-14 9:59 ` Jan Engelhardt
0 siblings, 1 reply; 3+ messages in thread
From: Oguz Yilmaz @ 2010-04-14 8:30 UTC (permalink / raw)
To: netfilter
OS is CentOS 5.4
Kernel is 2.6.18-164
Sometimes my firewall blocks the internet. When I inspect I have seen:
- nat PREROUTING counters increase
- filter FORWARD counters do not increase
- nat POSTROUTING counters do not increase
According to the diagram of Engelhardt,
http://jengelh.medozas.de/images/nf-packet-flow.png, the problem
should be in Bridging Decision point or acc.to former diagrams in
Routing Decision point.
I have tried to flush routing cache by "ip ro fl ca".
Problem is recovered only after /etc/init.d/iptables stop / start
I need further cues for deepen the problem, or exact reasons for
updating/recompling to newer kernel/netfilter.
Best Regards,
Oguz.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Packets stops traversing after nat PREROUTING
2010-04-14 8:30 Packets stops traversing after nat PREROUTING Oguz Yilmaz
@ 2010-04-14 9:59 ` Jan Engelhardt
2010-04-14 20:09 ` Oguz Yilmaz
0 siblings, 1 reply; 3+ messages in thread
From: Jan Engelhardt @ 2010-04-14 9:59 UTC (permalink / raw)
To: Oguz Yilmaz; +Cc: netfilter
On Wednesday 2010-04-14 10:30, Oguz Yilmaz wrote:
>OS is CentOS 5.4
>Kernel is 2.6.18-164
>
>Sometimes my firewall blocks the internet. When I inspect I have seen:
>- nat PREROUTING counters increase
>- filter FORWARD counters do not increase
>- nat POSTROUTING counters do not increase
>
>According to the diagram of Engelhardt,
>http://jengelh.medozas.de/images/nf-packet-flow.png, the problem
>should be in Bridging Decision point or acc.to former diagrams in
>Routing Decision point.
>
>I have tried to flush routing cache by "ip ro fl ca".
>
>Problem is recovered only after /etc/init.d/iptables stop / start
>
>I need further cues for deepen the problem, or exact reasons for
>updating/recompling to newer kernel/netfilter.
We need further cues like the ruleset.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: Packets stops traversing after nat PREROUTING
2010-04-14 9:59 ` Jan Engelhardt
@ 2010-04-14 20:09 ` Oguz Yilmaz
0 siblings, 0 replies; 3+ messages in thread
From: Oguz Yilmaz @ 2010-04-14 20:09 UTC (permalink / raw)
To: netfilter
Fortunately/unfortunately it was just because of ip_forward being 0. Thanks.
On Wed, Apr 14, 2010 at 12:59 PM, Jan Engelhardt <jengelh@medozas.de> wrote:
> On Wednesday 2010-04-14 10:30, Oguz Yilmaz wrote:
>
>>OS is CentOS 5.4
>>Kernel is 2.6.18-164
>>
>>Sometimes my firewall blocks the internet. When I inspect I have seen:
>>- nat PREROUTING counters increase
>>- filter FORWARD counters do not increase
>>- nat POSTROUTING counters do not increase
>>
>>According to the diagram of Engelhardt,
>>http://jengelh.medozas.de/images/nf-packet-flow.png, the problem
>>should be in Bridging Decision point or acc.to former diagrams in
>>Routing Decision point.
>>
>>I have tried to flush routing cache by "ip ro fl ca".
>>
>>Problem is recovered only after /etc/init.d/iptables stop / start
>>
>>I need further cues for deepen the problem, or exact reasons for
>>updating/recompling to newer kernel/netfilter.
>
> We need further cues like the ruleset.
>
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2010-04-14 20:09 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-04-14 8:30 Packets stops traversing after nat PREROUTING Oguz Yilmaz
2010-04-14 9:59 ` Jan Engelhardt
2010-04-14 20:09 ` Oguz Yilmaz
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).