Robert Spangler wrote:
> On Monday 13 June 2011 14:02, the following was written:
>
>> We just went to replace the bridge/firewall services one one server
>> with the same on another. It's pretty simple, and I literally cloned (w/
>> rsync) a third server that does this onto the one that will be the new
>> one.Then copied the /etc/sysconfig/iptables from the one being
>> replaced, and brought it up this morning.
>>
>> Nope. We had to put everything back the way it was.
>>
>> The new one sees the two or three servers behind the firewall, and we
>> can ping them, from the new box. On one, we see IPP broadcasts; in fact,
>> we see lots of broadcast packets using tcpdump. From outside, though,
>> you can't see the servers. Trying to ping them, they see nothing. It
>> seems to be the case that tcp and icmp packets are blocked, and we
>> can't figure out why.
>
> Is the firewall IP or port based or a combo of both?
> Is the firewall setup on the bridge interface or on each individual server
> interface i.e., eth0, eth1 etc..
Not sure how to answer that. I'd say it's on the external interface.
>
> What does ifconfig show you? Are all the interfaces started? Do the DHCP
> interfaces receive a DHCP address?
Yep. And route shows *only* br3, and when I restart the network br3 brings
up eth0 and eth1.
mark
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
