[CentOS] Not firewall, but what?

Sun May 16 02:29:55 UTC 2010
Gordon Messmer <yinyang at eburg.com>

On 05/14/2010 12:10 AM, Jussi Hirvi wrote:
>
> Ok, rc.d/routes is probably it

Looks that way.  I find that relatively reassuring.  No "linux magic" 
involved.  But then, if you didn't set that up, who did?

> (on the "healthy" machine I previously
> used as a reference). I will have to study the ip command and routing a
> bit, then make a fix on the "non-healthy" (xen) box.

I'd recommend either setting the rules up in a "rules-eth0" or such file 
in /etc/sysconfig/network-scripts, or using shorewall.  Inventing your 
own system is workable, but as you've found, they tend not to be 
documented well which leads future admins (or even future you) to wonder 
how things work.  Use the facilities available rather than fighting them.