[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-users] iptables and state matches (established, related)

To: John Hannfield <hal9020@xxxxxxxxx>
From: Marc Patino Gómez <mpatino@xxxxxxxxxxxx>
Date: Thu, 03 May 2007 09:04:53 +0200
Cc: Tomas Lund <tlund@xxxxxx>, Andrey Oreshnikov <elride@xxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 03 May 2007 00:03:00 -0700
List-id: Xen user discussion <xen-users.lists.xensource.com>

I have the same problem, and also

echo "0" >/proc/sys/net/bridge/bridge-nf-call-iptables

solves it. I don't known the reason, so I will read some doc about it.
Thanks John !!


John Hannfield wrote:

This is a known problem with Xen 3.0.x  and iptables connection tracking.
Connection tracking and state filtering only works as long as xen is
not running.
Try doing this:

echo "0" >/proc/sys/net/bridge/bridge-nf-call-iptables

That fixed it for me.



_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

Follow-Ups:
- Re: [Xen-users] iptables and state matches (established, related)
  - From: Daniel P. Berrange

Prev by Date: Re: [Xen-users] xm save
Next by Date: [Xen-users] Howto debug initrd image?
Previous by thread: [Xen-users] xm save
Next by thread: Re: [Xen-users] iptables and state matches (established, related)
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.