pppoe state RELATED,ESTABLISHED issue
Ted Kaczmarek
tedkaz at optonline.net
Fri Aug 5 02:30:15 CEST 2005
Today I was testing a CentOS 4.1 (RH ES4 clone) with 2.6.9-11.EL and a
Verizon DSL connection. I couldn't get any connection tracking related
rules working on the pppoe interface.
-A INPUT -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -i ppp0 -m state --state RELATED,ESTABLISHED -j ACCEPT
The only way I could get it to forward traffic
was to allow all INPUT and FORWARD traffic for ppp0.
The pppoe is using eth0 and the inside interface is eth1.
Googling uncovered a thread with respect to connection tracking being
broken with bridging.
http://www.uwsg.iu.edu/hypermail/linux/kernel/0506.2/0422.html
Is this really the same issue? If packets are coming in eth1 and leaving
ppp0 (using eth0), are they not just being routed? If eth0 is up then I
can see packets being bridged from ppp0e to eth0, but with eth0 down I am
at a loss as to why this is happening.
Also, is this issue specific to 2.6? A 2.4 based machine would likely
suffice in this application.
Regards,
Ted