Displaying 20 results from an estimated 3000 matches similar to: "Weird TCP problem"
2006 Apr 09
3
Conntrack, nat and multipath - what is wrong here?
I have a gentoo 2.6.14 box with 4 nics, LAN/DMZ/PUB1/PUB2
LAN and DMZ have a 1918 /22 each, PUB1 and PUB2 have a /29 each of which 5 ips
are assigned.
Using the mangle table, I give all packets a mark (according to local
policies) in the range 1-10. Using ip rule, I pass marks 1-5 through the pub1
route table, and marks 6-10 through the pub2 routing table. Using the nat
table, I SNAT to one
2004 Jun 10
1
multiple connections
Hello,
I have an issue with multiple connections to the Internet. I tried
following the steps described in [1] but things are not working
properly. I would like the network setup as follows:
______
| |- ppp0 -- Dynamic IP (PPPoE on eth2)
Internal---- eth0 | GW |
|____|- eth1 -- Static IP -> Static's GW
From [1], the
2004 Aug 01
2
more on troubles with dmz www server
Thanks for the tips, Tom.
Here is the tcpdump -n output on the dmz computer - this gets repeated
several times as the remote computer attempts to connect:
18:11:54.264580 66.113.134.243.55080 > 192.168.2.1.8082: S
3210481212:3210481212(0) win 5840 <mss 1460,sackOK,timestamp 65650966
0,nop,wscale 0> (DF)
18:11:54.264696 192.168.2.1.8082 > 66.113.134.243.55080: S
2006 Feb 18
2
can't route out
Hi all I seem to have a very weird problem.
I have a gateway that allows me to route into the LAN etc, but for some reason I can't get traffic out.
I have appended a route like below to help me if it's getting that far, and it definitely is.
$IPT -t nat -A POSTROUTING -o eth0 -s 10.0.0.0/24 -j LOG --log-prefix "POST ROUTE: "
--log-tcp-options --log-ip-options
Feb 18 19:14:16 ukgate
2015 Sep 10
2
tinc generating invalid packet checksums?
We have a Zenoss server in our main office monitoring (among many other
things) an Apache server in a remote network, with a Tinc link between
the two networks. The monitoring simply involves making an HTTP request
to a URL once every 5 minutes and confirming that a response page comes
back.
Most of the requests to this particular web server succeed (and similar
requests to other web servers
2007 Feb 15
1
Dovecot not responding
Hi all,
I'm pulling my hair out on this problem and wanted to throw it out there
to see if anyone else had run across it.
I recently restarted my server. There were some network config issues
that caused the interfaces not to come back up, but my colo company got
those resolved.
However, after restart, my IMAPS server has stopped responding to
outside requests. I can successfully access
2007 Aug 09
0
Problem with packet mangling over 2 links
Hi
I have a strange problem. I have a firewall with 3 nics.
1 - lan
2 - leased line or diginet
3 - connected to adsl modem
I have 2 tables defined in /etc/iproute2/rt_tables:
200 diginet
201 adsl
The ADSL modem has an IP of 192.168.0.1 and is configured to initiate
the PPPOE connection. I can mark packets within the network destined
for port 80 successfully:
ip ro add default via x.x.x.x
2005 Jun 24
5
xen, fc4, bridging, iptables and conntrack problem
Hi,
I'm testing out Xen on FC4. I'm using bridging for networking, as
well as iptables to firewall, configured with the standard Fedora
'system-config-security-level' tool. However I have really strange
problem with conntrack not seeming to catch outbound connections.
This prevents outbound connections working from dom0. Connections
from domU's
2005 Oct 28
2
VLAN tagging problems
We are using Centos behind an F5 Bigip load balancer.
The linux box is using bonding and tagged VLANs.
Everything works fine except that when traffic is forwarded from the BigIP
to the linux box on the VLAN where the web server is running the linux box
returns the traffic on the wrong VLAN. It returns traffic on the lowest
ordered VLAN.
ie. here is a tcpdump on my load balancer showing
2003 Nov 28
1
Problem getting dcgui-qt to work through shorewall
My dcgui-qt (chat/file-sharing program) doesn't work and I'm pretty sure it's my firewall settings.
dcgui-qt is a direct connect (file sharing & chat) client.
According to the FAQ here
(http://dcplusplus.sourceforge.net/faq/faq.php) all I should need to do
is:
-------
#ACTION SOURCE DEST PROTO DEST SOURCE ORIGINAL
#
2005 May 25
9
Newbie going through a probably stupid thing
Believe me:
Read the FAQ
Checked over and over
This might be toooooo stupid to be documented.
Please bear with me. Any help ?
Situation: single card standalone "firewall" (used like a "personal
firewall"). Have sshd running on the FW. Want the sshd daemon to be
accessible only from 2 LANs:
1) My other home LAN machine
2) IBM intranet machines (9.0.0.0)
Whatever I have
2006 Oct 06
0
Port forwarding from non-xenbridged external interface to xen-interface
Hello everybody,
I have an odd problem with iptables using a Xen bridge setup. I don't know if
it would be better to post to netfilter Mailing-List. But I hope someone here
know how to solve it. If it's OT here, please let me know. I'll try to do a
little bit ASCII-Graphics to explain the topo better:
_________ ________
2011 Mar 11
1
[Bug 704] Issue with "iptables -A OUTPUT -m string"
http://bugzilla.netfilter.org/show_bug.cgi?id=704
CZ <huangj at qualcomm.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
--- Comment #4 from CZ <huangj at qualcomm.com>
2005 Apr 22
4
I have a problem similar to FAQ 2 scenario, but reply packets don't seem to be recognized.
Hello,
I am running Shorewall 2.0.2f, on SuSE 9.2 distro, kernel
2.6.8-24.11-default
My ip addr show output is as follows:
1: lo: <LOOPBACK,UP> mtu 16436 qdisc noqueue
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 brd 127.255.255.255 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0:
2017 Jun 17
1
client reconnect fails (was gluster heal entry reappears)
Hi Ravi,
back to our client-cannot-reconnect-to-gluster-brick problem ...
> From: Ravishankar N [ravishankar at redhat.com]
> Sent: Monday, 29 May 2017 06:34
> To: Markus Stockhausen; gluster-users at gluster.org
> Subject: Re: [Gluster-users] gluster heal entry reappears
>
> > On 05/28/2017 10:31 PM, Markus Stockhausen wrote:
> > Hi,
> >
> > I'm
2009 Jun 11
2
router NAT problem
Hello All. I have a strange problem on my router. I use the xl2tpd
program to establish a connection to the Internet. After I start xl2tpd
it creates a new ppp0 device with correct IP parameters; it also adds
some routes to the routing table, and all these routes are correct too.
After the connection with the provider is established, the router executes some simple
iptables+NAT commands to give an
2005 Mar 02
12
Problem with outgoing Masquerade
I'm having another little problem with my new firewall. I want outgoing port
25 from my mail server to appear on the address 65.223.121.227 so I created
the file masq:
eth2 192.168.124.18 65.223.121.227 tcp 25
eth1 eth5
eth1 eth3
eth1 eth4
eth1 == net0 == 209.189.103.196/27
eth2 == net1 == 65.223.121.237/28
eth3 == dmz0
eth4 == dmz1
eth5 == loc ==
2014 Jul 31
2
can't use icecast2 in ubuntu 12.04
Thomas B. Rücker (on 30/07/2014 23:26) wrote:
> You could run "tcpdump -ni eth0 port 8000" and try to access the
> icecast web interface. If you don't see any output, then traffic to port
> 8000 is blocked externally.
good point of view.
Ok, let's try:
root at mail2:/home/spaziouser# tcpdump -ni eth0 port 8000
tcpdump: verbose output suppressed, use -v or -vv
2009 Jan 14
1
Transport endpoint is not connected while mounting....
Does anyone have any idea what to try next? Here are the steps I have
taken and the problem: (I wanted to post my question on the first
line before I explained the problem and what I have tried)
----------
Node 0 has the file system mounted just fine and works great.
When trying to mount on Node 1: `mount.ocfs2 /dev/mapper/data /cluster/
data` I get this error after about 30 seconds:
2005 Jan 06
6
Nested zones? (Or something?)
[192.168.0.0/24 Lan]
v
[Shorewall box 'Curtain', 192.168.0.254, DHCP to ISP, and a OpenVPN tunnel
10.4.0.2]
v
[Internet]
v
[Shorewall box 'statler' 130.241.25.165, and an OpenVPN tunnel 10.4.0.1]
Now, I have set a rule on statler
ACCEPT vpn $FW tcp smtp
and I have as below.
root@statler:/etc/shorewall# cat zones | grep -v ^#
net Net Internet