|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [Xen-users] xen, fc4, bridging, iptables and conntrack problem
Paul Jakma wrote: On Sat, 25 Jun 2005, Jon Howse wrote:Hi Paul,I have Fedora Core 4 and I am having exactly the same problem as you.Aha, so it's not just me. Time to raise a bug with fedora. I can confirm the problem here. [snip] machine and i can't then log in via ssh. It seems that the conntrack system is failing to match already accepted connections.See above. For me, all dom0 initiated connections fail to appear in conntrack state (but strangely the remote replies still get seen by tcpdump on xen-br0). domU's work fine though, as FORWARD is unrestricted.The initial packet seems to get accepted by the INPUT rule, then the reply packet slips past the ESTABLISHED,RELATED rule and gets logged then dropped by the default policy. [snip] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=161792 and please add your comments to it. The snapshot for -unstable used for the latest FC4 package is quite old: * Tue Apr 26 2005 Rik van Riel <...> 2-20050424 - upgrade to last night's snapshotSo perhaps this is already fixed in xen-unstable. Or it was just an artefact of code changes, similar to the problem that xm restore does not work correctly in that snapshot. Rik said he would upgrade to a new snapshot for rawhide rather soon. Not sure when that will be, though. Can anyone not using FC4 confirm problems with iptables and conntrack in the latest -unstable? Best Regards,Michael Paesold _______________________________________________ Xen-users mailing list Xen-users@xxxxxxxxxxxxxxxxxxx http://lists.xensource.com/xen-users
|
 |
Lists.xenproject.org is hosted with RackSpace, monitoring our |