Don Russell wrote: > Mikkel L. Ellertson wrote: >> Try running "service ip6tables save" as well, and see if that helps. >> Also, check the date/contents of /etc/sysconfig/iptables to make >> sure your changes are being saved. If not, look for a selinux >> message in the logs about it... >> >> Mikkel >> > > I did check the contents of /etc/sysconfig/iptables before and did see > the new rules there.... > > Using "service ip6tables save" seems to have "done the trick".... is > that WAD, or is that bugzilla-able :-) > Not exactly a WAG, but not based on personal experience. (I have IP6 turned off on the local network...) It is more troubleshooting experience that gives me ideas on what to try. Something on the order of asking yourself what can be affecting firewall rules. Start with the easy things - iptables, ip6 tables. Check to make sure selinux is not blocking re-writing the rewriting of the rules. If saving the changes to ip6tables "fixes" the problem, as it look like it did here, then it looks like there needs to be a change so that "service iptables save" updates ip6tables if they are going to affect the rules as well. (And the reverse - saving ip6tables should also save iptables.) But I am wondering why the default rules are being restored. I am on shaky ground here, because I have not looked at the network scripts for a while. Is it because of the DHCP lease getting renewed, the network connection dropping, and being restored, or something else? I can see the rules needing to be reloaded if you get a new IP address. But not just because the lease was renewed. I see that you have filed a bug report, so hopefully this will be answered by the people that really know the network scripts... Mikkel -- Do not meddle in the affairs of dragons, for thou art crunchy and taste good with Ketchup!
Attachment:
signature.asc
Description: OpenPGP digital signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list