similar to: Ovirt Hosted-Engine VM iptables

Hello Julien, Am Tue, 15 Jan 2019 09:30:23 +0100 schrieb Julien dupont <marcelvierzon at gmail.com>: > In that case I see: > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq1, length 64 > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq2, length 64 > IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id2135, seq3, length 64 > > Packet goes

I have two VMs, both with firewalld installed. One on machine It this in the IN_public chain: Chain IN_public (2 references) pkts bytes target prot opt in out source destination 81 3423 IN_public_log all -- * * 0.0.0.0/0 0.0.0.0/0 81 3423 IN_public_deny all -- * * 0.0.0.0/0 0.0.0.0/0

ip_forward was not enabled, now it is. Still same result: On VPN_office I use 'tcpdump -npi any icmp and host 192.168.1.1' and ping 192.168.1.1 from the client: 5:28:42.646203 IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id 1584, seq 1, length 64 15:28:43.663014 IP 172.16.0.3 > 192.168.1.1: ICMP echo request, id 1584, seq 2, length 64 15:28:44.688133 IP 172.16.0.3 >

I just noticed that when rebooting a CentOS 7 server the firewall comes back up with both interfaces set to REJECT, instead of the eth1 interface set to ACCEPT as defined in 'permanent' firewalld configuration files. All servers are up to date. By "just noticed" I mean that I finally investigated why a newly rebooted VM failed to allow NFS connections. Prior to doing that.

I have do a classicupdate from a NT4 style domain to Samba DC 4.10.7 BIND_DLZ without (apparently) problem All seem work fine, access to PC work, join or re-join a PC to domain work, access from a Linux samba member server to Win7 PC work, access from Win7 to samba member server work. But I cannot access from a PC with win7 to another PC with win7. If I try to access from win7-0 to win7-1 via

Hi, I have a standard Centos7 AMI. Can anyone tell me whats happening here? Thanks, Andrew Aug 19 11:17:23 master dhclient[22897]: bound to 10.141.10.49 -- renewal in 1795 seconds. Aug 19 11:17:24 master network: Determining IP information for eth0... done. Aug 19 11:17:24 master network: [ OK ] Aug 19 11:17:24 master systemd: Started LSB: Bring up/down networking. Aug 19 11:23:43 master

Hello, I came across an interesting problem in my home lab a few weeks ago as I'm prepping for my RHCE exam using Michael Jang study guide. I've been at this for days now, and I still can't wrap my head around how two or more virtual networks in default NAT configuration are even allowed to communicate with each other despite what the libvirt documentation said. Here's the

On Tue, 2017-12-19 at 15:05 -0800, Emmett Culley wrote: > I have two VMs, both with firewalld installed. One on machine It > this in the IN_public chain: > > Chain IN_public (2 references) > pkts bytes target prot opt > in out source destination > 81 3423 IN_public_log all > -- * * 0.0.0.0/0 0.0.0.0/0

On 12/19/2017 03:37 PM, Louis Lagendijk wrote: > On Tue, 2017-12-19 at 15:05 -0800, Emmett Culley wrote: >> I have two VMs, both with firewalld installed. One on machine It >> this in the IN_public chain: >> >> Chain IN_public (2 references) >> pkts bytes target prot opt >> in out source destination >> 81 3423

I'm running Centos 7.8.2003, with firewalld. I was getting huge numbers of ssh attempts per day from a few specific ip blocks. The offenders are 45.0.0.0/24, 49.0.0.0/24, 51.0.0.0/24, 111.0.0.0/24 and 118.0.0.0/24, and they amounted to a multiple thousands of attempts per day. I installed and configured fail2ban, but still saw a lot of attempts in the logs, and the ipset created was

On 10/12/2015 10:17 AM, Gordon Messmer wrote: > On 10/11/2015 03:00 PM, Emmett Culley wrote: >> I just noticed that when rebooting a CentOS 7 server the firewall comes back up with both interfaces set to REJECT, instead of the eth1 interface set to ACCEPT as defined in 'permanent' firewalld configuration files. > > Rather than paraphrasing, could you show the specific

Yesterday I noticed that I was not able to ping one of our development servers so I logged in via VNC and ran the Firewalld GUI. To my surprise, except for the interface definition for public and trusted zones, nothing seemed to be configured. That is, none of the services were checked off that we want open at the firewall. Also, this server is a gateway and masquerading and forwarding appears

On 10/11/2015 03:00 PM, Emmett Culley wrote: > I just noticed that when rebooting a CentOS 7 server the firewall comes back up with both interfaces set to REJECT, instead of the eth1 interface set to ACCEPT as defined in 'permanent' firewalld configuration files. Rather than paraphrasing, could you show the specific rules, chains, or policies you're talking about? A standard

If I've missed someone's response, apologies. As I said, my converted rules seem fine, and I can run the script that issues a bunch of direct rules for the built-in FORWARD rule... but when I try firewall-cmd --reload, it tells me error, that FORWARD is a built-in. Now, today, what I've been looking at is to run iptables-save, and what I see is this (in part): -A FORWARD -m conntrack

On 5/5/2017 1:19 ??, Gianluca Cecchi wrote: > Could you verify, if /dev/sda is your boot disk, with the command > > fdisk -l /dev/sda > ? It's /dev/vda in my case: # fdisk -l /dev/vda Disk /dev/vda: 21.5 GB, 21474836480 bytes, 41943040 sectors Units = sectors of 1 * 512 = 512 bytes Sector size (logical/physical): 512 bytes / 512 bytes I/O size (minimum/optimal): 512 bytes / 512

On Fri, May 5, 2017 at 12:52 PM, Nikolaos Milas <nmilas at noa.gr> wrote: > On 5/5/2017 1:42 ??, Nikolaos Milas wrote: > > Hmm, it seems that the boot flag should be removed from /dev/vda2 >> partition? >> > > Actually, I tried this and left the boot flag only to /dev/vda1. I > rebooted and I am still getting the same error. :-( > > I was hoping we were

Il giorno lun, 02/09/2019 alle 08.26 +0100, Rowland penny via samba ha scritto: > > set 01 22:36:56 s-addc.studiomosca.net named[639]: samba_dlz: > > cancelling transaction on zone studiomosca.net > > That is showing that a client isn't being allowed to update a record. Is it possible to cure it in some way? > > [2] ----[smb.conf] > > > Please do not post

On Tue, Jun 20, 2017 at 02:26:59AM -0400, Travis S. Johnson wrote: >Hello, > >I came across an interesting problem in my home lab a few weeks ago as I'm >prepping for my RHCE exam using Michael Jang study guide. I've been at this >for days now, and I still can't wrap my head around how two or more virtual >networks in default NAT configuration are even allowed to

Hi?guys. There is a wierd problem with iptables recently, hopes somebody can help me. I have installed Centos 7.2.1511 on a bare metal Dell server these days, disabled firewalld and enabled iptables.services, and setup a group of very simple rules, as the following: # iptables-save # Generated by iptables-save v1.4.21 on Tue Apr 23 09:15:14 2019 *filter :INPUT ACCEPT [0:0] :FORWARD ACCEPT

On 5/5/2017 5:11 ??, Barry Brimer wrote: > Are the correct volumes referenced in your /etc/default/grub file? Thanks Barry for your feedback. Here is the output: http://iweb.noa.gr/files/centos7/scratchvm-data-20170505-01.png What can you tell from that? Cheers, Nick