[CentOS] DNS or firewall problem

Tue Jul 6 02:10:54 UTC 2010
Timothy Murphy <gayleard at eircom.net>

Thomas Dukes wrote:

>> Do you have ipv4 forwarding on in your /etc/syscttl
> 
> Uhhh, in /etc/sysctl.conf,
> 
> net.ipv4.conf.ip_forward = 0  ??
> 
> change to = 1 ??

I have more or less the same setup as you,
and I have
	net.ipv4.conf.ip_forward = 0
in /etc/sysctl like you,
but I have no problem accessing my server from my laptop.

I am running shorewall,
and it would be easy to set this up
to have the effect you describe.

I have the line
	loc             $FW             ACCEPT
in /etc/shorewall/policy .
The default is
	loc            $FW             REJECT          info
which would have the effect you describe.

NB: I don't really understand iptables,
but I find shorewall does most of the thinking for me.



-- 
Timothy Murphy  
e-mail: gayleard /at/ eircom.net
tel: +353-86-2336090, +353-1-2842366
s-mail: School of Mathematics, Trinity College, Dublin 2, Ireland
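
The first-match lookup that Shorewall applies to /etc/shorewall/policy, as an added example that is not part of the original message and is not Shorewall's own code. It assumes a simplified file format (plain zone names and `all` only); apart from the two `loc`/`$FW` lines quoted in the message, the sample file contents are constructed.

```python
# Added example: simplified resolver for a Shorewall policy file.
# Assumption: only plain zone names and the wildcard "all" are handled;
# zone lists, "any" and other extended syntax are out of scope.

# Constructed sample; only the "loc $FW REJECT info" line comes from the message.
SAMPLE_DEFAULT = """\
# SOURCE  DEST  POLICY  LOG LEVEL
loc       net   ACCEPT
loc       $FW   REJECT  info
net       all   DROP    info
all       all   REJECT  info
"""

# Same file with the line the poster uses instead: "loc $FW ACCEPT".
SAMPLE_OPEN = SAMPLE_DEFAULT.replace("loc       $FW   REJECT  info",
                                     "loc       $FW   ACCEPT")


def parse_policy(text):
    """Return a list of (source, dest, policy, log_level) tuples in file order."""
    rules = []
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        fields = line.split()
        if len(fields) < 3:
            raise ValueError(f"line {lineno}: expected SOURCE DEST POLICY")
        log_level = fields[3] if len(fields) > 3 else None
        rules.append((fields[0], fields[1], fields[2].upper(), log_level))
    return rules


def effective_policy(rules, src, dst):
    """Policies are order-sensitive: the first matching line decides."""
    for r_src, r_dst, policy, log_level in rules:
        if r_src in (src, "all") and r_dst in (dst, "all"):
            return policy, log_level
    return None  # no policy line covers this zone pair


if __name__ == "__main__":
    for name, text in (("default", SAMPLE_DEFAULT), ("open", SAMPLE_OPEN)):
        print(name, "loc -> $FW:", effective_policy(parse_policy(text), "loc", "$FW"))
```
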