9 Feb
2009
9 Feb
'09
10:06 p.m.
Marcus Moeller wrote:
Hi,
iptables -L -v now shows:
0 0 ACCEPT all -- eth0 eth0 anywhereanywhere state NEW,RELATED,ESTABLISHED
But the packages are still dropped:
Feb 9 10:48:20 firewall kernel: DROP-TCP IN=eth0 OUT=eth0 SRC=192.168.100.192 DST=172.28.2.161 LEN=44 TOS=0x00 PREC=0x00 TTL=59 ID=54 PROTO=TCP SPT=9100 DPT=4068 WINDOW=0 RES=0x00 ACK SYN URGP=0
My guess is will ACCEPT packets but since you haven't defined a FORWARD or an OUPUT chain it drops them.
As mentioned, I have added a rule like:
/sbin/iptables -A FORWARD -i eth0 -o eth0 -m state --state NEW,RELATED,ESTABLISHED -j ACCEPT
to forward packages on the internal device.
It's not what you say that counts, it's what
iptables -L -v
says - and it's not there.
Good luck.
--
Article. VI. Clause 3 of the constitution of the United States states:
"The Senators and Representatives before mentioned, and the Members of
the several State Legislatures, and all executive and judicial Officers,
both of the United States and of the several States, shall be bound by
Oath or Affirmation, to support this Constitution; but no religious Test
shall ever be required as a Qualification to any Office or public Trust
under the United States."