WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-users

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [Xen-users] iptables and state matches (established, related)

from [Marc Patino Gómez] [Permanent Link][Original]
To: John Hannfield <hal9020@xxxxxxxxx>
Subject: Re: [Xen-users] iptables and state matches (established, related)
From: Marc Patino Gómez <mpatino@xxxxxxxxxxxx>
Date: Thu, 03 May 2007 09:04:53 +0200
Cc: Tomas Lund <tlund@xxxxxx>, Andrey Oreshnikov <elride@xxxxxxxxx>, xen-users@xxxxxxxxxxxxxxxxxxx
Delivery-date: Thu, 03 May 2007 00:03:00 -0700
Envelope-to: www-data@xxxxxxxxxxxxxxxxxx
In-reply-to: <4d95b0990704280549i4827eaddmeec7a2b902259dd3@xxxxxxxxxxxxxx>
List-help: <mailto:xen-users-request@lists.xensource.com?subject=help>
List-id: Xen user discussion <xen-users.lists.xensource.com>
List-post: <mailto:xen-users@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-users>, <mailto:xen-users-request@lists.xensource.com?subject=unsubscribe>
Organization: CLARANET SAU
References: <c8749d500704100344n14cbf826x3cb70dc77373ce97@xxxxxxxxxxxxxx> <Pine.LNX.4.61.0704201317390.4846@xxxxxxxxxxx> <4d95b0990704280549i4827eaddmeec7a2b902259dd3@xxxxxxxxxxxxxx>
Sender: xen-users-bounces@xxxxxxxxxxxxxxxxxxx
User-agent: Thunderbird 1.5.0.10 (X11/20070403) 
I have the same problem, and also

echo "0" >/proc/sys/net/bridge/bridge-nf-call-iptables

solves it. I don't known the reason, so I will read some doc about it.
Thanks John !!


John Hannfield wrote:

This is a known problem with Xen 3.0.x  and iptables connection tracking.
Connection tracking and state filtering only works as long as xen is
not running.
Try doing this:

echo "0" >/proc/sys/net/bridge/bridge-nf-call-iptables

That fixed it for me.





_______________________________________________
Xen-users mailing list
Xen-users@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-users
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [Xen-users] xm save, trilok nuwal
Next by Date:  [Xen-users] Howto debug initrd image?, Reiner Dassing
Previous by Thread:  [Xen-users] xm save, Devraj Mukherjee
Next by Thread:  Re: [Xen-users] iptables and state matches (established, related), Daniel P. Berrange
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy