Jed:
Thanks for trying to help. That is a good idea.
I eventually figured out it was the IPMI card interfering with the packets destined to eth0.
Neil
--
Neil Aggarwal, (214)986-3533, www.JAMMConsulting.com
FREE! Eliminate junk email and reclaim your inbox.
Visit http://www.spammilter.com for details.

-----Original Message-----
From: centos-bounces@centos.org [mailto:centos-bounces@centos.org] On Behalf Of Jed Reynolds
Sent: Wednesday, February 21, 2007 10:34 PM
To: CentOS mailing list
Subject: Re: [CentOS] CentOS 4.4 blocking outbound connections?

Neil Aggarwal wrote:
Fabian:
I rebooted the machine to see what would happen. It went back to not accepting the connections again.
If I turn off the firewall, everything works fine.
I believe there is something flaky in the iptables implementation of CentOS 4.4 from what I am seeing.
Any ideas?
I often write my rules as chains that end in a -j LOG --prefix "chainX" then a -j REJECT, and this helps identify where my traffic is failing. I can then later switch off the logging and turn the rejecting to dropping. Below is a particularly lean example, but it shows a method by which you can get detailed feedback on how your chains match certain packets that you pass to them.

#!/bin/bash
# Final verdict for unmatched traffic: REJECT while debugging, DROP later.
#fail=DROP
fail=REJECT
# Set log=0 to switch the per-chain LOG rules off.
log=1
...
[ "$log" -eq 1 ] && iptables -A INPUT -j LOG --log-prefix 'start:'
iptables -N my0ssh
iptables -A my0ssh -p tcp -m tcp -m state --state NEW -j RETURN
# Reached only when the rule above did not match.
[ "$log" -eq 1 ] && iptables -A my0ssh -j LOG --log-prefix "my0ssh no match"
...
iptables -A INPUT -j my0ssh
iptables -A INPUT -j LOG --log-prefix 'fall-thru-failure:'
iptables -A INPUT -j $fail

_______________________________________________
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos
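
Added example, not part of the original thread: one way to read back the log that the quoted script produces, grouping kernel LOG lines per packet to show which prefixes each packet passed before the final rule. The syslog lines, host name, addresses and IP IDs are constructed, and the function names are hypothetical.

```python
import re

# Prefixes set with --log-prefix in the script quoted above. The LOG target
# writes the prefix verbatim directly in front of "IN=", with no separator.
PREFIXES = ("start:", "my0ssh no match", "fall-thru-failure:")
LINE_RE = re.compile(r"kernel: (?P<prefix>.*?)\s*IN=(?P<rest>.*)$")

# Constructed sample syslog lines (documentation addresses, made-up IDs).
SAMPLE = [
    "Feb 21 22:40:01 gw kernel: start:IN=eth0 OUT= SRC=192.0.2.10 "
    "DST=192.0.2.1 ID=1001 DF PROTO=TCP SPT=40000 DPT=22 SYN URGP=0",
    "Feb 21 22:40:01 gw kernel: fall-thru-failure:IN=eth0 OUT= SRC=192.0.2.10 "
    "DST=192.0.2.1 ID=1001 DF PROTO=TCP SPT=40000 DPT=22 SYN URGP=0",
    "Feb 21 22:40:02 gw kernel: eth0: link up",
    "Feb 21 22:40:03 gw kernel: start:IN=eth0 OUT= SRC=192.0.2.20 "
    "DST=192.0.2.1 ID=1002 PROTO=UDP SPT=5353 DPT=53 LEN=40",
    "Feb 21 22:40:03 gw kernel: my0ssh no matchIN=eth0 OUT= SRC=192.0.2.20 "
    "DST=192.0.2.1 ID=1002 PROTO=UDP SPT=5353 DPT=53 LEN=40",
    "Feb 21 22:40:03 gw kernel: fall-thru-failure:IN=eth0 OUT= SRC=192.0.2.20 "
    "DST=192.0.2.1 ID=1002 PROTO=UDP SPT=5353 DPT=53 LEN=40",
]

def parse(line):
    """Return (prefix, fields) for a LOG line with a known prefix, else None."""
    m = LINE_RE.search(line)
    if m is None or m.group("prefix") not in PREFIXES:
        return None
    tokens = ("IN=" + m.group("rest")).split()
    # Bare flags such as DF or SYN carry no "=" and are skipped.
    fields = dict(t.split("=", 1) for t in tokens if "=" in t)
    return m.group("prefix"), fields

def trace_packets(lines):
    """Map each packet (SRC, SPT, DPT, IP ID) to the prefixes it hit, in order."""
    traces = {}
    for line in lines:
        parsed = parse(line)
        if parsed is None:
            continue  # unrelated kernel message
        prefix, f = parsed
        key = (f.get("SRC"), f.get("SPT"), f.get("DPT"), f.get("ID"))
        traces.setdefault(key, []).append(prefix)
    return traces

if __name__ == "__main__":
    for key, stages in trace_packets(SAMPLE).items():
        print(key, "->", " > ".join(stages))
```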