[Top] [All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] bridge and masquerade

Michele Petrazzo - Unipex srl wrote:
Jun 3 12:48:12 srv-xen kernel: Firewall DROPPRE- IN=xenbr1 OUT= PHYSIN=peth1 MAC=00:15:17:18:5d:ad:00:0f:b0:df:f9:82:08:00 SRC=10.0.19.254 DST=66.249.93.104 LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=52054 DF PROTO=TCP SPT=58536 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0 

Ops... Forgot to say that there are a "warning" rule that log all the
will be dropped if, on PREROUTING and POSTROUTING, there is the DROP
policy (but there is ACCEPT).
Jun 3 12:48:12 srv-xen kernel: martian source 66.249.93.104 from 192.168.1.240, on dev eth1 Jun 3 12:48:12 srv-xen kernel: ll header: 00:15:17:18:5d:ad:00:0f:b0:df:f9:82:08:00 



the second thing that I forgot to say is that I don't know why here the
traffic want to go outside through eth1, also if the gw (and the 192
net) it's on eth0!

srv-xen:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface 
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 eth1
0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth0 



Michele

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

 

©2013 Xen Project, A Linux Foundation Collaborative Project. All Rights Reserved.
Linux Foundation is a registered trademark of The Linux Foundation.
Xen Project is a trademark of The Linux Foundation.

Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.