[CentOS] iptables: forwarding on internal device

Marcus Moeller mm at gcug.de
Mon Feb 9 20:29:13 UTC 2009


Dear Michael,

> The system you are trying to forward with has at least two nics on
> different networks?
> However you are trying to forward between aliases on one nic that is
> located on your internal network?
> And the other nic connects to a DMZ or gateway network?
> This system is not a dedicated routing/forwarding system but runs other
> services for network clients/servers that connect to it?

Yes, that's true. We are routing between two internal networks on that
box (migrating to core switch, soon).

But that's not the problem. I just wonder why the packages are dropped
(as it worked correctly on the Slackware box, before - using the same
ruleset)

Btw. it seems that 'service iptables save' fits to activate all other
rulesets. And it is NOT necessary to define input and output rules
for forwarding on an internal device.

Best Regards
Marcus


