Strange NAT Behavior

To all;
I've got a CentOS 4.2 box configured as your standard NAT firewall. Nothing fancy, nothing new. Of course logwatch is on and configured to report about the day's previous activities. After looking at these emails from logwatch I noticed something funny. There were entries from where the firewall was blocking my LAN PCs. Huh? That's right. I went through /var/log/messages to confirm. Sure enough, there are logged events from when one of the LAN PCs was blocked from going to, say, Yahoo, Adobe or Google. Weird thing is, it's random. Ports are random too. I can't make heads or tails out of a pattern or reason why. So why on earth would a NAT firewall with no outgoing drop rules all of a sudden block these LAN PCs? Oh, one more thing of note. This same NAT firewall (text file with the rules) was used on a Fedora Core 1 box about a month ago. No issues with random outgoing blocks.


Anthony R. Vallario

