LinuxQuestions.org
Old 07-06-2008, 12:20 AM   #1
jwhitehead
iptables flushed unexpectedly


Hi all,

I'm running 2.6.20-1.2320.fc5. I've set up an iptables transparent proxy to filter through Squid and Dansguardian, as below:

Code:
# Variables
EXT_CONN=eth0
INT_CONN=eth1

# Bridge external connections from external network card to internal
iptables -F -t nat
iptables -A POSTROUTING -t nat -o $EXT_CONN -j MASQUERADE
echo 1 > /proc/sys/net/ipv4/ip_forward

#Allow port 8080 (Dansguardian) to receive connections
iptables -A INPUT -i $INT_CONN -p tcp --dport 8080 -j ACCEPT
# Redirect port 80 to Dansguardian (port 8080)
iptables -t nat -A PREROUTING -i $INT_CONN -p tcp --dport 80 -j REDIRECT --to-port 8080

And afterwards, when I run iptables -L -t nat, the listing looks as below, and works as expected, forwarding packets from 80 to 8080.

Code:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination
REDIRECT   tcp  --  anywhere             anywhere            tcp dpt:http redir ports 8080

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

But after a few minutes (haven't been able to determine exactly), the PREROUTING appears to get flushed, and iptables -L -t nat looks as below, and packets are no longer forwarded from 80 to 8080, but as you can see the masquerading is still configured:

Code:
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

I'm guessing something else is running on this server that might be emptying the PREROUTING listing. Any ideas? There isn't that much running on this server. Or thoughts on how to debug this? Thanks.
 
Old 07-06-2008, 12:37 AM   #2
Mr. C.
Is your network interface bouncing?

Search your /etc directory for all scripts that call iptables.
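
Both checks suggested in the reply above, as an added example that is not part of the original thread: one function lists files under /etc that flush or reload iptables rules, another timestamps the moment the port 80 to 8080 REDIRECT disappears so it can be matched against interface or DHCP events in the system log. The function names are hypothetical, and the rule pattern assumes the `iptables-save` output format.

```shell
#!/bin/sh
# Added example: function names are hypothetical, not from the thread.

# List files under a directory (default /etc) that invoke iptables in a way
# that can wipe rules: a flush, an iptables-restore, or a service (re)start.
find_iptables_flushers() {
    dir=${1:-/etc}
    grep -rIlE \
        -e 'iptables[^#]*[[:space:]](-F|--flush)([[:space:]]|$)' \
        -e 'iptables-restore' \
        -e 'service[[:space:]]+iptables[[:space:]]+(re)?start' \
        "$dir" 2>/dev/null | sort
}

# Read a ruleset dump in iptables-save format on stdin; return 0 if the
# PREROUTING chain still redirects TCP port 80 to port 8080.
redirect_present() {
    grep -Eq -- '^-A PREROUTING .*--dport 80 .*-j REDIRECT .*--to-ports? 8080'
}

# Poll the live nat table (needs root) and print a timestamp as soon as the
# REDIRECT rule is gone. Compare that time with /var/log/messages to see
# whether an interface bounce, DHCP renewal or cron job coincides with it.
watch_redirect() {
    interval=${1:-10}   # seconds between checks
    while iptables-save -t nat | redirect_present; do
        sleep "$interval"
    done
    echo "$(date '+%F %T') REDIRECT to 8080 missing from nat PREROUTING"
}
```

Run `find_iptables_flushers /etc` first, then leave `watch_redirect 5` running in a terminal after loading the rules.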
 
  

