Anthony K
2021-May-01 04:19 UTC
[CentOS] ipforwarding between interfaces and firewall rules
On 1/5/21 2:15 pm, Anthony K wrote:
> On 26/4/21 8:42 am, R C wrote:
>> ...
>> for example; if I do "ping www.google.com" I get a "ping
>> www.google.com: Name or service not known" If I use an IP address
>> (from www.google.com), it just works.
>
> Sometimes seeing the traffic flow reveals what's really going on. To
> that end, run command below on the firewall box: tcpdump -i any port
> 53 or port 5353 Then on the client, query www.google.com
>

That didn't format well at all - one more try:

On firewall: tcpdump -l -n -i any port 53 or port 5353
---
On client: query www.google.com
From what I heard, nftables doesn't support forward rules yet, until RHEL/CentOS 8.5? At this time it can be "resolved" using iptables as the firewall backend, but not nftables (which is not ideal, but ...).

Ron

On 4/30/21 10:19 PM, Anthony K wrote:
> On 1/5/21 2:15 pm, Anthony K wrote:
>> On 26/4/21 8:42 am, R C wrote:
>>> ...
>>> for example; if I do "ping www.google.com" I get a "ping
>>> www.google.com: Name or service not known" If I use an IP address
>>> (from www.google.com), it just works.
>>
>> Sometimes seeing the traffic flow reveals what's really going on. To
>> that end, run command below on the firewall box: tcpdump -i any port
>> 53 or port 5353 Then on the client, query www.google.com
>>
> That didn't format well at all - one more try:
>
> On firewall: tcpdump -l -n -i any port 53 or port 5353
> ---
> On client: query www.google.com
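
The `tcpdump -l -n -i any port 53 or port 5353` capture suggested in the thread can be read mechanically to tell whether a client's DNS query was dropped at the firewall, forwarded without a reply, or answered. The script below is an added example, not part of either post; the sample capture lines, addresses and function names are constructed for illustration, and it assumes tcpdump's default one-line DNS output.

```python
import re
import sys

DNS_PORTS = {"53", "5353"}
# "<time> [<iface> In|Out] IP <src>.<port> > <dst>.<port>: <id><flags> <rest>"
LINE = re.compile(
    r"IP6? (?P<src>\S+)\.(?P<sport>\d+) > (?P<dst>\S+)\.(?P<dport>\d+): "
    r"(?P<id>\d+)\S* (?P<rest>.*)")
QUESTION = re.compile(r"\b[A-Z0-9]+\? (\S+)")  # e.g. "A? www.google.com."

# Constructed sample capture (documentation addresses), not from the thread.
SAMPLE = """\
04:19:01.000100 IP 192.168.1.10.40000 > 192.0.2.53.53: 4660+ A? www.google.com. (32)
04:19:06.000100 IP 192.168.1.10.40001 > 192.0.2.53.53: 4661+ A? www.google.com. (32)
04:19:06.000190 IP 203.0.113.5.40001 > 192.0.2.53.53: 4661+ A? www.google.com. (32)
04:19:11.000100 IP 192.168.1.10.40002 > 192.0.2.53.53: 4662+ A? www.google.com. (32)
04:19:11.000190 IP 203.0.113.5.40002 > 192.0.2.53.53: 4662+ A? www.google.com. (32)
04:19:11.020000 IP 192.0.2.53.53 > 203.0.113.5.40002: 4662 1/0/0 A 198.51.100.7 (48)
04:19:11.020080 IP 192.0.2.53.53 > 192.168.1.10.40002: 4662 1/0/0 A 198.51.100.7 (48)
"""

def summarize(lines):
    """Map each DNS query id to its name, times captured, and reply status."""
    queries = {}
    for line in lines:
        m = LINE.search(line)
        if not m:
            continue
        question = QUESTION.search(m["rest"])
        if m["dport"] in DNS_PORTS and question:
            entry = queries.setdefault(
                m["id"], {"name": question.group(1), "seen": 0, "answered": False})
            entry["seen"] += 1
        elif m["sport"] in DNS_PORTS and m["id"] in queries:
            queries[m["id"]]["answered"] = True
    return queries

def diagnose(entry):
    if entry["answered"]:
        return "answered"
    # "-i any" captures a forwarded packet on ingress and egress, so a query
    # seen once (and not retransmitted) most likely never left the firewall.
    return "not forwarded" if entry["seen"] == 1 else "forwarded, no reply"

if __name__ == "__main__":
    lines = open(sys.argv[1]) if len(sys.argv) > 1 else SAMPLE.splitlines()
    for dns_id, entry in summarize(lines).items():
        print(dns_id, entry["name"], entry["seen"], diagnose(entry))
```

Pass a file of saved tcpdump output as the first argument to analyse a real capture; with no argument the constructed sample is used.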