On Wednesday 28 September 2005 15:51, David Coulson wrote: > Sheldon Hearn wrote: > > So basically, the SYN+ACK is arriving back at the firewall, but the > > firewall then ignores it. If I add logging, I see the packet hit > > PREROUTING, but that's it. > > Disable return path filtering on the interfaces. > > echo 0 > /proc/sys/net/ipv4/conf/eth0/rp_filter Thank you. Thank you, thank you, thank you. Grovel. Grovel, grovel, grovel. Ciao, Sheldon. -- Sheldon Hearn IT Director Clue Technologies (PTY) Ltd Web: http://www.clue.co.za/ Mail: sheldonh@xxxxxxxxxx Office: +27-21-434-8034 Mobile: +27-83-564-3276 Timezone: SAST (+0200)
Attachment:
pgpfu5rlDC3GU.pgp
Description: PGP signature
