[CentOS] CentOS 5.2 + iptables + memcached Problem

Filipe Brandenburger filbranden at gmail.com
Fri Dec 12 22:33:46 UTC 2008


Hi,

On Fri, Dec 12, 2008 at 15:45, Art Age Software <artagesw at gmail.com> wrote:
> IPTABLES -A XXX  -i bond0 -p tcp -m tcp  -s 192.168.1.0/24  -d
> 192.168.1.0/24  --dport 11211  -j ACCEPT

> Dec 12 20:33:53 s1 kernel: DROP -- Catch All: IN= OUT=bond0
> SRC=192.168.1.1 DST=192.168.1.2 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0
> DF PROTO=TCP SPT=11211 DPT=47567 WINDOW=0 RES=0x00 RST URGP=0

The packages it's dropping are with *source* port 11211, they are the replies.

Either configure your firewall in stateful mode (-m state, --state
NEW, --state ESTABLISHED, etc.) or add rules to allow the replies from
that source port.

HTH,
Filipe
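
The diagnosis above, as an added example that is not part of the original post: a small shell script that reads the quoted kernel LOG line, decides whether the dropped packet is a request or a reply relative to port 11211, and prints the two kinds of rule the reply mentions. The function names are hypothetical and the built-in chain names INPUT/OUTPUT are assumptions (the thread only shows a chain called "XXX"); the script prints rules and never calls iptables.

```shell
#!/bin/sh
# Added example. SAMPLE is the log line quoted in the thread, joined onto one line.
SAMPLE='Dec 12 20:33:53 s1 kernel: DROP -- Catch All: IN= OUT=bond0 SRC=192.168.1.1 DST=192.168.1.2 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=11211 DPT=47567 WINDOW=0 RES=0x00 RST URGP=0'

# field LINE KEY: print the value of KEY=value from a netfilter LOG line
# (the result is empty when the key is blank, e.g. "IN=", or absent).
field() {
    printf '%s\n' "$1" | tr ' ' '\n' | sed -n "s/^$2=//p" | head -n 1
}

# classify LINE PORT: request-<dir>, reply-<dir> or unrelated, where <dir>
# is in (INPUT), out (OUTPUT) or fwd (FORWARD), derived from IN=/OUT=.
classify() {
    in_if=$(field "$1" IN); out_if=$(field "$1" OUT)
    if [ -n "$in_if" ] && [ -n "$out_if" ]; then dir=fwd
    elif [ -n "$out_if" ]; then dir=out
    else dir=in
    fi
    if [ "$(field "$1" DPT)" = "$2" ]; then echo "request-$dir"
    elif [ "$(field "$1" SPT)" = "$2" ]; then echo "reply-$dir"
    else echo unrelated
    fi
}

# suggest LINE PORT: print candidate rules for a dropped reply.
# Assumption: built-in chain names INPUT/OUTPUT; the thread only shows "XXX".
suggest() {
    kind=$(classify "$1" "$2")
    case $kind in
    reply-out) chain=OUTPUT; ifopt="-o $(field "$1" OUT)" ;;
    reply-in)  chain=INPUT;  ifopt="-i $(field "$1" IN)" ;;
    *) echo "# $kind: not a dropped reply from port $2"; return 0 ;;
    esac
    echo "# $kind: source port $2 is the service, so this is a reply"
    echo "# option 1, stateful: accept packets of already-accepted connections"
    echo "iptables -A $chain $ifopt -p tcp -m state --state ESTABLISHED -j ACCEPT"
    echo "# option 2, stateless: accept replies by source port"
    echo "iptables -A $chain $ifopt -p tcp -s $(field "$1" SRC) --sport $2 -j ACCEPT"
}

suggest "$SAMPLE" 11211
```
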


