Problems with iptables?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Since the last update, i have several problems with iptables.

I have a firewall with several nics built-in.

-> i have forwarding enabled (/proc/sys/net/ipv4/ip_forward = 1)
-> i have no further forwarding rule in iptables, except the default one -> i inserted
source-nat-rules on the outgoing devices
-> with squid, i use the transparent-proxying-script
-> that script redirects all queries on port 80 to port 3128 (where squid is listen on)
-> for the inner lan, the nic is trusted

so, since the last update, no forwarding, except passing through squid (web only), and
only if i configure firefox with the proxy-settings. No redirection from outgoing port
80 to 3128 is done by iptables.

It also seems, that masquerading does no longer work on the outgoing interfaces. Are
there known issues about iptables or the last kernel?


Thanks for your help.
Roger

----

i was fiddling a little bit yesterday, and i inserted in /etc/sysconfig (which isn't a
real lucky solution) in lines 3 and 4 forwarding information:

-A FORWARD -i eth0 -j ACCEPT
-A FORWARD -i tun0 -j ACCEPT

and since then, checking with iptables -L -v i see, that those forwarding rules are
counting packets.

What is not counting packets at all is SNAT in the nat table. Is there an error within
iptables?

I use the following rules:

/sbin/iptables -A POSTROUTING -t nat -o eth0 -j SNAT --to-source x.y.z.c

i use this 4 times for all my several subnets, and this has been working perfect until
the last upgrade :(

Did i miss something?

Thanks in advance,
Roger

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
[Index of Archives]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora Magazine]     [Fedora News]     [Fedora Summer Coding]     [Fedora Laptop]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [SSH]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Gnome Users]     [KDE Users]     [Fedora Art]     [Fedora Docs]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Libvirt Users]     [Fedora ARM]

  Powered by Linux