Sachin Gopal [gopalsachin@xxxxxxxxx] Try putting a established, related as accept. ------------------------------------------------------------------------ same result :*(... cant navagate from client (172.16.39.88) [root@srvsc1aps ~]# iptables -nL -v --line-numbers Chain INPUT (policy DROP 967 packets, 68517 bytes) num pkts bytes target prot opt in out source destination 1 885 82176 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0 2 1162 71075 ACCEPT tcp -- * * 172.16.0.0/16 0.0.0.0/0 tcp dpt:22 3 0 0 ACCEPT tcp -- * * 172.16.0.0/16 0.0.0.0/0 tcp dpt:8888 4 9 3197 ACCEPT tcp -- * * 172.16.39.88 0.0.0.0/0 state RELATED,ESTABLISHED tcp dpt:3128 5 34963 39M ACCEPT all -- * * 172.16.33.0/24 0.0.0.0/0 <-- ALL PROXY CONNECTION (3128) --> Chain FORWARD (policy DROP 0 packets, 0 bytes) num pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 2774K packets, 1124M bytes) num pkts bytes target prot opt in out source destination 1 823 75985 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0 [root@srvsc1aps ~]# -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
