Re: [Xen-users] Re: routing in xen 3.0 domU: icmp gets routed, but tcp/ip only partially

Quoting Matthew Palmer <mpalmer@xxxxxxxxxxx>:
My 'very basic' on fairly similar symptoms was some default rules that the Xen networking scripts were inserting -- in my case, the FORWARD chain had it's policy set to DROP. Open that up and all was good.

All chains (checked with `ipchains -L` and `ipchains -L -t nat`)
on the domU have policy ACCEPT. There are also no rules defined.
Removing the netfilter modules (just in case) has no effect; I
can ping the dmz, but not get the daytime of the dmz from the
external system (just like before).

The dom0 doesn't have netfilter support (not compiled in, nor
as modules). Is it needed in dom0?

Regards, Peter

