[TriLUG] iptables - sometimes stops working
Turnpike Man
turnpike420 at yahoo.com
Fri Apr 11 00:47:48 EDT 2003
The firewall is doing NAT, but it is either all or nothing. I do have some
things logging, but not all things and I can't seem to find anything in any
system logs that shows what is happening either. Unfortunately I haven't been
with Linux quite long enough to know everything I should be looking for. If
someone wanted, they could come look at it if they are curious... but it really
doesn't matter... it isn't a production machine. I'm setting that up now to
replace the lab one for testing before it goes to corporate production... so if
that one (which is actual server hardware, not a desktop doing firewalling)
does well, I should be fine. It is a Netfinity 3000 if anyone is interested to
know. I didn't pick it and don't like it, but it is available with a 9GB SCSI
drive, p2 450, 256 ram... just fine for a small firewall methinks. If
anything out of the ordinary happens with that piece of hardware, I'll be sure
to revisit this topic.
thanks all,
David M.
--- Corey Mutter <mutterc at nc.rr.com> wrote:
> Is the firewall doing NAT? Maybe connections are aging-out of that table...
>
> Also, another way you can debug this (if you think a rule is getting
> traffic dropped) is to make every traffic-dropping rule log the packets
> (easy to do by creating a chain that logs the packet then drops it, then
> jumping to that chain everywhere that you would do -j DROP). That way,
> you get insight into what's being dropped when and why.
>
> Corey
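
The log-then-drop chain Corey describes, as an added example that is not part of the original thread: a filter over `iptables-save` output that declares the chain and retargets every `-j DROP` rule in the filter table to it. The chain name `LOGDROP`, the log prefix, the 5/min log rate limit and the sample ruleset are assumptions made for the example.

```shell
#!/bin/sh
# Added example, not from the thread: rewrite iptables-save output so every
# "-j DROP" rule in the filter table jumps to a log-then-drop chain instead.
# The chain name LOGDROP, the log prefix and the 5/min limit are assumptions.
add_logdrop() {
    awk -v chain="${1:-LOGDROP}" '
    /^\*/ { in_filter = ($0 == "*filter"); declared = 0; have = 0; print; next }
    !in_filter { print; next }
    /^:/ {                       # chain declarations
        if ($1 == (":" chain)) have = 1   # already converted on an earlier run
        print; next
    }
    !declared {                  # declarations are over: add the new chain
        if (!have) print ":" chain " - [0:0]"
        declared = 1
    }
    /^COMMIT$/ {
        if (!have) {
            print "-A " chain " -m limit --limit 5/min -j LOG --log-prefix \"" chain ": \" --log-level 4"
            print "-A " chain " -j DROP"
        }
        in_filter = 0; print; next
    }
    # Retarget DROP rules, but not the final DROP inside the new chain itself.
    / -j DROP$/ && $0 !~ ("-A " chain " ") { sub(/ -j DROP$/, " -j " chain) }
    { print }
    '
}

# Constructed sample ruleset (interfaces and rules are made up for the demo).
sample_ruleset() {
    cat <<'EOF'
*nat
:POSTROUTING ACCEPT [0:0]
-A POSTROUTING -o eth0 -j MASQUERADE
COMMIT
*filter
:INPUT DROP [0:0]
:FORWARD DROP [0:0]
:OUTPUT ACCEPT [0:0]
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -m state --state INVALID -j DROP
-A FORWARD -i eth0 -o eth1 -m state --state NEW -j DROP
-A FORWARD -i eth1 -o eth0 -j ACCEPT
COMMIT
EOF
}

sample_ruleset | add_logdrop    # print the rewritten ruleset
```

On a live firewall the pipeline would be `iptables-save | add_logdrop | iptables-restore`. Packets that fall through to a chain's DROP policy are not matched by any rule and stay unlogged unless a final `-j LOGDROP` rule is appended to that chain.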