2nd try: Was Firewall problem: Only works on a restart.

Gordon Messmer yinyang at eburg.com
Tue Feb 24 17:06:34 UTC 2009


Steven W. Orr wrote:
> On Sunday, Feb 8th 2009 at 16:02 -0000, quoth Steven W. Orr:
> 
> =>I have two computers in the house. Machine A has two NICs, one of which is
> =>hooked to the cable modem and sees the outside world. Also, Machine A
> =>implements the IPTABLES firewall with NAT. Machine B and Machine A's 2nd NIC
> =>are hooked up to a little hub. Ever since I upgraded to F10, I notice that
> =>Machine B can't see the outside world unless I restart the firewall. And just
> =>to make it interesting,
> =>
> =>iptables -L > before
> =>restart the firewall
> =>iptables -L > after
> =>
> =>diff before after
> =>result is no difference

You're not seeing everything.  First, "iptables -L -v" will show you 
more information.  Second, there are other tables.  Use "iptables -L -t 
nat" and "iptables -L -t mangle" for instance.

> After a fresh boot, Machine B can't see the outside but can see A. Also, A 
> can see B. Then a restart of the firewall causes B to be able to see the 
> outside world.

You need to reconfigure the firewall service so that it runs after the 
network service.  It's probably trying to learn what networks are 
attached to each interface, but can't because the interfaces aren't 
configured when it runs.
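
The comparison suggested in the reply above, as an added example that is not part of the original post: it lists every table with -v and strips the packet/byte counters so that only real rule or policy changes show up in the diff. The function names, the IPTABLES and TABLES variables, and the file names in the usage comment are assumptions of this sketch.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Snapshot all iptables tables, not just the default "filter" table,
# so a before/after diff around a firewall restart is meaningful.
# IPTABLES and TABLES are overridable assumptions of this sketch.
IPTABLES=${IPTABLES:-iptables}
TABLES=${TABLES:-"filter nat mangle"}

# -v is needed to see the in/out interface columns, but it also prints
# packet and byte counters that change constantly. Strip them from rule
# lines and from the "(policy X n packets, n bytes)" chain headers.
strip_counters() {
    sed -E \
        -e 's/^ *[0-9]+[KMGT]? +[0-9]+[KMGT]? +//' \
        -e 's/\(policy ([A-Z]+) [^)]*\)/(policy \1)/'
}

# Print a normalized listing of every table in $TABLES to stdout.
snapshot_tables() {
    for t in $TABLES; do
        echo "### table: $t"
        "$IPTABLES" -t "$t" -L -n -v | strip_counters
    done
}

# Show what changed between two snapshot files.
# Returns 0 when they are identical, non-zero otherwise.
compare_snapshots() {
    diff -u "$1" "$2"
}

# Usage (as root, on the NAT machine):
#   snapshot_tables > before
#   (restart the firewall)
#   snapshot_tables > after
#   compare_snapshots before after
```

A NAT rule that exists only after the restart appears as a "+" line under "### table: nat", which a plain "iptables -L" diff cannot show.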



