Fortunately/unfortunately it was just because of ip_forward being 0.

Thanks.

On Wed, Apr 14, 2010 at 12:59 PM, Jan Engelhardt <jengelh@xxxxxxxxxx> wrote:
> On Wednesday 2010-04-14 10:30, Oguz Yilmaz wrote:
>
>>OS is CentOS 5.4
>>Kernel is 2.6.18-164
>>
>>Sometimes my firewall blocks the internet. When I inspect I have seen:
>>- nat PREROUTING counters increase
>>- filter FORWARD counters do not increase
>>- nat POSTROUTING counters do not increase
>>
>>According to the diagram of Engelhardt,
>>http://jengelh.medozas.de/images/nf-packet-flow.png, the problem
>>should be in Bridging Decision point or acc. to former diagrams in
>>Routing Decision point.
>>
>>I have tried to flush routing cache by "ip ro fl ca".
>>
>>Problem is recovered only after /etc/init.d/iptables stop / start
>>
>>I need further cues to go deeper into the problem, or exact reasons for
>>updating/recompiling to newer kernel/netfilter.
>
> We need further cues like the ruleset.
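The symptom in this thread (nat PREROUTING counters rising while filter FORWARD stays flat) can be checked mechanically from two `iptables-save -c` snapshots plus the ip_forward value. The script below is an added example, not part of the original e-mails; the function names, verdict strings and sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Added example: compare two `iptables-save -c` snapshots and the ip_forward value.

# chain_pkts TABLE CHAIN < snapshot : sum of packet counters (policy + rules).
# A rising sum means packets traversed the chain; it is not an exact packet count.
chain_pkts() {
    awk -v t="$1" -v c="$2" '
        function pk(s) { sub(/^\[/, "", s); sub(/:.*$/, "", s); return s + 0 }
        /^\*/ { cur = substr($0, 2); next }          # "*nat" opens a table
        cur != t { next }
        $1 == (":" c) { sum += pk($3); next }        # ":FORWARD ACCEPT [pkts:bytes]"
        $2 == "-A" && $3 == c { sum += pk($1) }      # "[pkts:bytes] -A FORWARD ..."
        END { print sum + 0 }'
}

# diagnose BEFORE AFTER IP_FORWARD : classify the symptom described in the thread.
diagnose() {
    pre=$(( $(chain_pkts nat PREROUTING < "$2") - $(chain_pkts nat PREROUTING < "$1") ))
    fwd=$(( $(chain_pkts filter FORWARD < "$2") - $(chain_pkts filter FORWARD < "$1") ))
    if [ "$pre" -gt 0 ] && [ "$fwd" -eq 0 ]; then
        if [ "$3" = 0 ]; then echo "ip_forward=0: packets dropped at routing decision"
        else echo "not forwarded: check routes, rp_filter, bridge config"; fi
    else
        echo "forwarding path looks alive"
    fi
}

# Constructed sample snapshot; $1 = PREROUTING policy packets, $2 = FORWARD policy packets.
sample() {
    cat <<EOF
*nat
:PREROUTING ACCEPT [$1:6000]
:POSTROUTING ACCEPT [40:2400]
[7:420] -A PREROUTING -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
COMMIT
*filter
:INPUT ACCEPT [900:54000]
:FORWARD DROP [$2:0]
[500:30000] -A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
COMMIT
EOF
}

# Live use (root): iptables-save -c > before; sleep 10; iptables-save -c > after
#                  diagnose before after "$(cat /proc/sys/net/ipv4/ip_forward)"
```

Restarting the iptables init script can appear to fix the problem if that script or its configuration re-enables forwarding, so checking `/proc/sys/net/ipv4/ip_forward` at the moment of failure is the decisive step.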