[CentOS] iptables starts blocking outbound http traffic

Neil Aggarwal

neil at JAMMConsulting.com
Thu Nov 6 14:33:59 UTC 2008


Hello:

I have a machine running CentOS 5 x86_64.

It is running apache httpd and tomcat.

For some reason, after running for a few days,
web requests stop responding.  It happened again
this morning.  I check the syslog and see a HUGE
number of logs like this:

OUTPUT IN= OUT=eth0 SRC=[MyIP] DST=[OutsideIP] LEN=532 TOS=0x00 PREC=0x00 TTL=64 ID=52669 DF PROTO=TCP SPT=80 DPT=54697 WINDOW=61 RES=0x00 ACK PSH FIN URGP=0

Here are my iptables commands for http connections (I have the default
policy set to drop):

# Allow http connections from the outside world
/sbin/iptables -A INPUT -i eth0 -d $ETH0_IP -p tcp --sport 1024: --dport http -m state --state NEW,ESTABLISHED -j ACCEPT
/sbin/iptables -A OUTPUT -o eth0 -s $ETH0_IP -p tcp --sport http --dport 1024: -m state --state ESTABLISHED -j ACCEPT

Here are some strange things:
1. I have the exact same rules running on two other servers which do 
	not give me any trouble.
2. If I stop and restart httpd and tomcat, the problem goes away.  This
	suggests the firewall is not a problem.

Any ideas what is going on?

Thanks,
	Neil

--
Neil Aggarwal, (832)245-7314, www.JAMMConsulting.com
Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details. 
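The log line quoted above is the output of the iptables LOG target, and the OUTPUT rule only accepts packets that the connection-tracking table already knows as ESTABLISHED, so every logged line is a packet from port 80 that conntrack could not tie to a tracked connection. Before changing rules it helps to quantify what is being dropped: which TCP flag combinations and which peers dominate. The following Python script is an added example, not code from the original post; it parses the LOG format (key=value fields plus bare tokens such as DF, ACK, PSH, FIN) and summarises the drops per chain prefix and source port. The sample log lines are constructed, with placeholder addresses from the documentation ranges, and the prefixes OUTPUT/INPUT are assumed to be what the poster's rules set with --log-prefix.

```python
"""Summarise iptables LOG-target lines for dropped packets from a service port.

Added example (not part of the original mailing-list post). The log sample is
constructed; 192.0.2.x, 198.51.100.x and 203.0.113.x are placeholder addresses.
"""
from collections import Counter

# TCP flag tokens the LOG target prints as bare words rather than key=value.
TCP_FLAGS = {"SYN", "ACK", "PSH", "FIN", "RST", "URG"}
# Other bare tokens that appear in the IP header part of the dump.
BARE_TOKENS = TCP_FLAGS | {"DF", "MF", "CE"}

# Constructed sample in the same shape as the post's OUTPUT line (prefix assumed
# to come from --log-prefix "OUTPUT " / "INPUT " on the logging rules).
SAMPLE_LOG = """\
Nov  6 08:01:02 host kernel: OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=532 TOS=0x00 PREC=0x00 TTL=64 ID=52669 DF PROTO=TCP SPT=80 DPT=54697 WINDOW=61 RES=0x00 ACK PSH FIN URGP=0
Nov  6 08:01:02 host kernel: OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=52670 DF PROTO=TCP SPT=80 DPT=54697 WINDOW=61 RES=0x00 ACK FIN URGP=0
Nov  6 08:01:03 host kernel: OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=203.0.113.5 LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=1 DF PROTO=TCP SPT=80 DPT=40001 WINDOW=0 RES=0x00 ACK RST URGP=0
Nov  6 08:01:04 host kernel: INPUT IN=eth0 OUT= SRC=203.0.113.9 DST=192.0.2.10 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=7 DF PROTO=TCP SPT=51000 DPT=22 WINDOW=5840 RES=0x00 SYN URGP=0
Nov  6 08:01:05 host kernel: OUTPUT IN= OUT=eth0 SRC=192.0.2.10 DST=198.51.100.7 LEN=52 TOS=0x00 PREC=0x00 TTL=64 ID=9 DF PROTO=TCP SPT=80 DPT=54698 WINDOW=61 RES=0x00 ACK PSH FIN URGP=0
"""


def parse_log_line(line):
    """Parse one iptables LOG line into a dict, or return None if it is not one.

    The header dump starts at the 'IN=' token; the word just before it (if it is
    not the 'kernel:' tag) is the --log-prefix. key=value tokens become dict
    entries; bare tokens such as DF/ACK/PSH/FIN are collected in rec['flags'].
    """
    tokens = line.split()
    start = next((i for i, t in enumerate(tokens) if t.startswith("IN=")), None)
    if start is None:
        return None
    prefix = ""
    if start > 0 and not tokens[start - 1].endswith(":"):
        prefix = tokens[start - 1]
    rec = {"prefix": prefix, "flags": set()}
    for tok in tokens[start:]:
        if "=" in tok:
            key, _, value = tok.partition("=")
            rec[key] = value
        elif tok in BARE_TOKENS:
            rec["flags"].add(tok)
    return rec


def summarize_drops(text, prefix="OUTPUT", sport="80"):
    """Count logged packets for one chain prefix and source port.

    Returns (by_flags, by_dst): a Counter keyed by the sorted TCP flag
    combination (e.g. 'ACK,FIN,PSH') and a Counter keyed by peer address.
    A pile of ACK/PSH/FIN packets from the service port logged by a rule
    that only accepts state ESTABLISHED means conntrack had no entry for
    those connections when the packets left, which is the condition to
    investigate (for example the size and timeouts of the conntrack table).
    """
    by_flags = Counter()
    by_dst = Counter()
    for line in text.splitlines():
        rec = parse_log_line(line)
        if rec is None or rec["prefix"] != prefix:
            continue
        if rec.get("PROTO") != "TCP" or rec.get("SPT") != sport:
            continue
        tcp_flags = ",".join(sorted(rec["flags"] & TCP_FLAGS))
        by_flags[tcp_flags] += 1
        by_dst[rec.get("DST", "?")] += 1
    return by_flags, by_dst


if __name__ == "__main__":
    flags, peers = summarize_drops(SAMPLE_LOG)
    print("dropped OUTPUT packets from port 80, by TCP flags:")
    for combo, n in flags.most_common():
        print(f"  {combo:<14} {n}")
    print("by peer address:")
    for dst, n in peers.most_common():
        print(f"  {dst:<16} {n}")
```

Run it against `/var/log/messages` by replacing `SAMPLE_LOG` with the file contents; if nearly all entries are ACK/PSH/FIN or ACK/FIN from port 80, the dropped packets are the tails of HTTP responses whose conntrack entries are gone, which points at the tracking table rather than at the rule text itself.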
