[CentOS] iptables: forwarding on internal device
Marcus Moeller
mm at gcug.de
Tue Feb 10 19:49:08 UTC 2009
Good Evening.
>> LAN1 -> LINUX_ROUTER -> LAN2
>>
>> Response:
>>
>> LAN2 -> CORE-ROUTER(with LINUX_ROUTER as default Gateway) ->
>> LINUX_ROUTER | BLOCKED | LAN1
>>
>> This may be the case as the CORE-ROUTER was not part of the network in
>> good ol' slacky times.
> ----
> You do have all your Routes Defined on all machines and routers? Last does
> that machine in question have it routes defined on it "route 10.x.x.x/x"?
I have defined a route to LAN2 over a gateway in LAN1 (same network
segment) and all machines in LAN2 have the CORE-ROUTER
defined as default gw which itself got a last resort to the LINUX_ROUTER.
> Only other thing you can do is start from scratch. Save all your rules and
> add them one at a time. If you can't have it off the network reduce the
> rules to a bare minimum. Are the switches configured correct?
I wonder if netfilter just drops a package if it's response comes from
a different MAC address.
Best Regards
Marcus
More information about the CentOS
mailing list