
Re: Problem with iptables



On Fri, 04 May 2007 00:45:06 -0700, Pierguido <pierg75@yahoo.it> wrote:


Karl E. Jorgensen wrote:
Strange: With this rule as the *first* rule in the OUTPUT chain,
*everything* outgoing should be accepted, regardless of source,
destination or protocol!?

out_lan    0    --  192.168.30.103       0.0.0.0/0
out_public_lan_124  0    --  192.168.100.2        0.0.0.0/0
out_public_lan_125  0    --  192.168.100.5        0.0.0.0/0
ACCEPT     0    --  0.0.0.0/0            0.0.0.0/0           state RELATED
ULOG       0    --  0.0.0.0/0            0.0.0.0/0           limit: avg 1/sec burst 5 ULOG copy_range 0 nlgroup 1 prefix `'OUT-unknown:'' queue_threshold 1

And yet your log entry appears to be the result of this rule...

DROP       0    --  0.0.0.0/0            0.0.0.0/0

Are you 100% sure that these were the rules in effect at the time of the
log entry? It's not making sense ...

Yes... 100% sure... I was doing many tests and the result was that I had to
disable firehol (and iptables as well).

Check an iptables-save output to see if these rules are matched
against a different interface than intended.

--
Octavio.
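
The check suggested above, as an added example that is not part of the original thread: a plain `iptables -L` listing omits the in/out interface columns, so a rule that looks unconditional there may apply to one interface only, while `iptables-save` prints the `-i`/`-o` matches. The function names and the sample ruleset below are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of iptables-save output (not taken from the thread).
# "iptables -L -n" would print the first OUTPUT rule as a bare
# "ACCEPT ... 0.0.0.0/0 0.0.0.0/0", hiding its "-o lo" restriction.
sample_ruleset() {
cat <<'EOF'
*filter
:INPUT DROP [0:0]
:OUTPUT DROP [0:0]
:out_lan - [0:0]
-A OUTPUT -o lo -j ACCEPT
-A OUTPUT -s 192.168.30.103/32 -o eth0 -j out_lan
-A OUTPUT -m state --state RELATED -j ACCEPT
-A OUTPUT -m limit --limit 1/sec -j ULOG --ulog-prefix "OUT-unknown:"
-A OUTPUT -j DROP
-A out_lan ! -o eth1 -j ACCEPT
COMMIT
EOF
}

# iface_report CHAIN: read iptables-save text on stdin and print, for every
# rule appended to CHAIN, its position, interface matches and target.
# Tokens are split on whitespace, so a quoted log prefix that itself
# contains " -o " would be misread.
iface_report() {
    awk -v chain="$1" '
    $1 == "-A" && $2 == chain {
        n++; in_if = "any"; out_if = "any"; target = "-"
        for (i = 3; i <= NF; i++) {
            if ($i == "-i" || $i == "-o") {
                neg = ($(i - 1) == "!") ? "!" : ""        # "! -o eth1"
                v = $(i + 1)
                if (v == "!") { neg = "!"; v = $(i + 2) } # older "-o ! eth1"
                if ($i == "-i") in_if = neg v; else out_if = neg v
            }
            if ($i == "-j" || $i == "-g") target = $(i + 1)
        }
        printf "%d in=%s out=%s target=%s\n", n, in_if, out_if, target
    }'
}

# iface_bound CHAIN: only the rules that match on an interface, i.e. the
# ones whose scope is invisible in a plain "iptables -L" listing.
iface_bound() {
    iface_report "$1" | awk '!/in=any out=any/'
}

sample_ruleset | iface_bound OUTPUT
```

On a live host, run `iptables-save | iface_report OUTPUT` as root; `iptables -L -n -v` shows the same interface columns in listing form.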