WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 
 
Home Products Support Community News
 
   
 

xen-users

Re: [Xen-users] bridge and masquerade

To: xen-users@xxxxxxxxxxxxxxxxxxx
Subject: Re: [Xen-users] bridge and masquerade
From: Michele Petrazzo - Unipex srl <michele.petrazzo@xxxxxxxxx>
Date: Sun, 03 Jun 2007 13:18:59 +0200
Delivery-date: Sun, 03 Jun 2007 04:17:20 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <4662A167.5040009@xxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
References: <4662A167.5040009@xxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.8.1b1) Gecko/20060724 Thunderbird/2.0a1 Mnenhy/0.7.4.0
Michele Petrazzo - Unipex srl wrote:
Jun 3 12:48:12 srv-xen kernel: Firewall DROPPRE- IN=xenbr1 OUT= PHYSIN=peth1 MAC=00:15:17:18:5d:ad:00:0f:b0:df:f9:82:08:00 SRC=10.0.19.254 DST=66.249.93.104 LEN=60 TOS=0x10 PREC=0x00 TTL=64 ID=52054 DF PROTO=TCP SPT=58536 DPT=80 WINDOW=5840 RES=0x00 SYN URGP=0

Ops... Forgot to say that there are a "warning" rule that log all the
will be dropped if, on PREROUTING and POSTROUTING, there is the DROP
policy (but there is ACCEPT).

Jun 3 12:48:12 srv-xen kernel: martian source 66.249.93.104 from 192.168.1.240, on dev eth1 Jun 3 12:48:12 srv-xen kernel: ll header: 00:15:17:18:5d:ad:00:0f:b0:df:f9:82:08:00


the second thing that I forgot to say is that I don't know why here the
traffic want to go outside through eth1, also if the gw (and the 192
net) it's on eth0!

srv-xen:~# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0     0.0.0.0         255.255.255.0   U     0      0        0 eth0
10.0.0.0        0.0.0.0         255.0.0.0       U     0      0        0 eth1
0.0.0.0 192.168.1.254 0.0.0.0 UG 0 0 0 eth0



Michele

_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users

<Prev in Thread] Current Thread [Next in Thread>