Linux - Server This forum is for the discussion of Linux Software used in a server related context. |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
03-02-2012, 08:32 AM
|
#1
|
Member
Registered: Apr 2004
Location: PA
Distribution: RedHat 9
Posts: 49
Rep:
|
Can't configure network for KVM guest.
I am so close. but am unable to get a network device connection for my KVM guests.
Followed this article:
http://www.cyberciti.biz/faq/centos-...tion-tutorial/
The host CentOS 6.2 - libvirtd (libvirt) 0.9.4
Code:
[08:28:51 root]$ getenforce
Disabled
Network:
Code:
br0 Link encap:Ethernet HWaddr 8C:89:A5:5E:D1:DF
inet addr:192.168.1.1 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::8e89:a5ff:fe5e:d1df/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:594581 errors:0 dropped:0 overruns:0 frame:0
TX packets:826160 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:56982997 (54.3 MiB) TX bytes:1023484748 (976.0 MiB)
eth0 Link encap:Ethernet HWaddr 8C:89:A5:5E:D1:DF
inet6 addr: fe80::8e89:a5ff:fe5e:d1df/64 Scope:Link
UP BROADCAST RUNNING PROMISC MULTICAST MTU:1500 Metric:1
RX packets:1147063 errors:0 dropped:0 overruns:0 frame:0
TX packets:1604053 errors:0 dropped:0 overruns:0 carrier:3
collisions:0 txqueuelen:1000
RX bytes:167666536 (159.8 MiB) TX bytes:1799474034 (1.6 GiB)
Interrupt:26
eth1 Link encap:Ethernet HWaddr 00:01:53:81:B6:39
inet addr:69.242.80.204 Bcast:255.255.255.255 Mask:255.255.252.0
inet6 addr: fe80::201:53ff:fe81:b639/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2657191 errors:0 dropped:0 overruns:0 frame:0
TX packets:955092 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1815510683 (1.6 GiB) TX bytes:146700246 (139.9 MiB)
Interrupt:20 Base address:0xe800
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:16436 Metric:1
RX packets:32850 errors:0 dropped:0 overruns:0 frame:0
TX packets:32850 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:0
RX bytes:14982310 (14.2 MiB) TX bytes:14982310 (14.2 MiB)
vnet0 Link encap:Ethernet HWaddr FE:54:00:F5:C7:93
inet6 addr: fe80::fc54:ff:fef5:c793/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:37 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:500
RX bytes:9486 (9.2 KiB) TX bytes:0 (0.0 b)
[08:16:35 root]$ brctl show
bridge name bridge id STP enabled interfaces
br0 8000.8c89a55ed1df no eth0
vnet1
br1 8000.000000000000 no
virbr0 8000.525400ae0a23 yes virbr0-nic
vnet0
[08:18:57 root]$ route
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
192.168.1.0 * 255.255.255.0 U 0 0 0 br0
69.242.80.0 * 255.255.252.0 U 0 0 0 eth1
link-local * 255.255.0.0 U 1003 0 0 eth1
link-local * 255.255.0.0 U 1011 0 0 br0
192.168.0.0 192.168.1.1 255.255.0.0 UG 0 0 0 br0
default c-69-242-80-1.h 0.0.0.0
My KVM guest configured in the KDE gui:
Code:
[08:19:22 root]$ virsh dumpxml Haweater
<domain type='kvm' id='2'>
<name>Haweater</name>
<uuid>57153803-48c3-26aa-5fcc-4cccfed636f0</uuid>
<memory>512000</memory>
<currentMemory>512000</currentMemory>
<vcpu>4</vcpu>
<os>
<type arch='x86_64' machine='rhel6.2.0'>hvm</type>
<boot dev='hd'/>
</os>
<features>
<acpi/>
<apic/>
<pae/>
</features>
<clock offset='utc'/>
<on_poweroff>destroy</on_poweroff>
<on_reboot>restart</on_reboot>
<on_crash>restart</on_crash>
<devices>
<emulator>/usr/libexec/qemu-kvm</emulator>
<disk type='block' device='disk'>
<driver name='qemu' type='raw' cache='none' io='native'/>
<source dev='/dev/md2'/>
<target dev='vda' bus='virtio'/>
<alias name='virtio-disk0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x05' function='0x0'/>
</disk>
<interface type='network'>
<mac address='52:54:00:f5:c7:93'/>
<source network='default'/>
<target dev='vnet0'/>
<model type='rtl8139'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>
<interface type='bridge'>
<mac address='52:54:00:49:b7:dd'/>
<source bridge='br0'/>
<target dev='vnet1'/>
<model type='rtl8139'/>
<alias name='net1'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x08' function='0x0'/>
</interface>
<serial type='pty'>
<source path='/dev/pts/1'/>
<target port='0'/>
<alias name='serial0'/>
</serial>
<console type='pty' tty='/dev/pts/1'>
<source path='/dev/pts/1'/>
<target type='serial' port='0'/>
<alias name='serial0'/>
</console>
<input type='tablet' bus='usb'>
<alias name='input0'/>
</input>
<input type='mouse' bus='ps2'/>
<graphics type='vnc' port='5900' autoport='yes'/>
<sound model='ich6'>
<alias name='sound0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x04' function='0x0'/>
</sound>
<video>
<model type='cirrus' vram='9216' heads='1'/>
<alias name='video0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x02' function='0x0'/>
</video>
<memballoon model='virtio'>
<alias name='balloon0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x06' function='0x0'/>
</memballoon>
</devices>
</domain>
I have tried multiple interfaces options but none make a connection.
Code:
ifup eth0
Determining IP information for eth0 ... failed
I had this working fine in Fedora 10 but I am at a stumped since I migrated to CentOS 6. I know I am missing something very simple.
I am using the default unedited configs for
|
|
|
03-02-2012, 09:00 AM
|
#2
|
Member
Registered: Apr 2004
Location: PA
Distribution: RedHat 9
Posts: 49
Original Poster
Rep:
|
ifup eth0
Device eth0 does not seem to be present, delaying initialization
|
|
|
03-02-2012, 09:50 AM
|
#3
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
Can you use a virtio driver instead of rtl8319?
what does "ifconfig -a" say about the known interfaces on the system?
Similarily, "dmesg | grep -i eth" may be useful.
|
|
|
03-02-2012, 10:07 AM
|
#4
|
Member
Registered: Apr 2004
Location: PA
Distribution: RedHat 9
Posts: 49
Original Poster
Rep:
|
HW address was wrong....
Changed the address to the new "generated" nic address and the device is now available. however it is not picking up the dhcpd from the gateway 192.168.1.1
I can manually define the network ip but that is not ideal... could this be a firewall issue?:
|
|
|
03-02-2012, 10:13 AM
|
#5
|
Member
Registered: Apr 2004
Location: PA
Distribution: RedHat 9
Posts: 49
Original Poster
Rep:
|
not sure if this is related:
when I start the guest:
Code:
Mar 2 10:10:15 localhost libvirtd: 10:10:15.691: 27897: info : brProbeVnetHdr:442 : Enabling IFF_VNET_HDR
Mar 2 10:10:15 localhost kernel: device vnet1 entered promiscuous mode
Mar 2 10:10:15 localhost kernel: br0: port 3(vnet1) entering forwarding state
2012-03-02 10:10:15.693: starting up
LC_ALL=C PATH=/sbin:/usr/sbin:/bin:/usr/bin HOME=/root USER=james LOGNAME=james QEMU_AUDIO_DRV=none /usr/libexec/qemu-kvm -S -M rhel6.2.0 -enable-kvm -m 500 -smp 4,sockets=4,cores=1,threads=1 -name Haweater -uuid 57153803-48c3-26aa-5fcc-4cccfed636f0 -nodefconfig -nodefaults -chardev socket,id=charmonitor,path=/var/lib/libvirt/qemu/Haweater.monitor,server,nowait -mon chardev=charmonitor,id=monitor,mode=control -rtc base=utc -no-shutdown -no-acpi -drive file=/dev/md2,if=none,id=drive-virtio-disk0,format=raw,cache=none,aio=native -device virtio-blk-pci,scsi=off,bus=pci.0,addr=0x5,drive=drive-virtio-disk0,id=virtio-disk0,bootindex=1 -netdev tap,fd=21,id=hostnet0,vhost=on,vhostfd=24 -device virtio-net-pci,netdev=hostnet0,id=net0,mac=52:54:00:f5:c7:93,bus=pci.0,addr=0x3 -chardev pty,id=charserial0 -device isa-serial,chardev=charserial0,id=serial0 -usb -device usb-tablet,id=input0 -vnc 127.0.0.1:1 -vga cirrus -device intel-hda,id=sound0,bus=pci.0,addr=0x4 -device hda-duplex,id=sound0-codec0,bus=sound0.0,cad=0 -device virtio-balloon-pci,id=balloon0,bus=pci.0,addr=0x6
10:10:15.695: 21228: info : libvirt version: 0.9.4, package: 23.el6_2.6 (CentOS BuildSystem <http://bugs.centos.org>, 2012-03-01-10:07:12, c6b6.bsys.dev.centos.org)
10:10:15.695: 21228: debug : virCommandHook:1920 : Run hook 0x484900 0x7f312306e460
10:10:15.695: 21228: debug : qemuProcessHook:2147 : Obtaining domain lock
10:10:15.695: 21228: debug : virDomainLockManagerNew:123 : plugin=0x7f3118060b80 dom=0x7f3118008060 withResources=1
10:10:15.695: 21228: debug : virLockManagerNew:291 : plugin=0x7f3118060b80 type=0 nparams=4 params=0x7f312306d8b0 flags=0
10:10:15.695: 21228: debug : virLockManagerLogParams:98 : key=uuid type=uuid value=57153803-48c3-26aa-5fcc-4cccfed636f0
10:10:15.695: 21228: debug : virLockManagerLogParams:94 : key=name type=string value=Haweater
10:10:15.695: 21228: debug : virLockManagerLogParams:82 : key=id type=uint value=8
10:10:15.695: 21228: debug : virLockManagerLogParams:82 : key=pid type=uint value=21228
10:10:15.695: 21228: debug : virDomainLockManagerNew:135 : Adding leases
10:10:15.695: 21228: debug : virDomainLockManagerNew:140 : Adding disks
10:10:15.695: 21228: debug : virDomainLockManagerAddDisk:86 : Add disk /dev/md2
10:10:15.695: 21228: debug : virLockManagerAddResource:320 : lock=0x7f310800cf90 type=0 name=/dev/md2 nparams=0 params=(nil) flags=0
10:10:15.695: 21228: debug : virLockManagerAcquire:337 : lock=0x7f310800cf90 state='(null)' flags=3 fd=0x7f312306da1c
10:10:15.695: 21228: debug : virLockManagerFree:374 : lock=0x7f310800cf90
10:10:15.695: 21228: debug : qemuProcessHook:2172 : Moving procss to cgroup
10:10:15.695: 21228: debug : virCgroupNew:602 : New group /libvirt/qemu/Haweater
10:10:15.695: 21228: debug : virCgroupDetect:261 : Detected mount/mapping 0:cpu at /cgroup/cpu in
10:10:15.695: 21228: debug : virCgroupDetect:261 : Detected mount/mapping 1:cpuacct at /cgroup/cpuacct in
10:10:15.695: 21228: debug : virCgroupDetect:261 : Detected mount/mapping 2:cpuset at /cgroup/cpuset in
10:10:15.695: 21228: debug : virCgroupDetect:261 : Detected mount/mapping 3:memory at /cgroup/memory in
10:10:15.695: 21228: debug : virCgroupDetect:261 : Detected mount/mapping 4:devices at /cgroup/devices in
10:10:15.695: 21228: debug : virCgroupDetect:261 : Detected mount/mapping 5:freezer at /cgroup/freezer in
10:10:15.695: 21228: debug : virCgroupDetect:261 : Detected mount/mapping 6:blkio at /cgroup/blkio in
10:10:15.695: 21228: debug : virCgroupMakeGroup:523 : Make group /libvirt/qemu/Haweater
10:10:15.695: 21228: debug : virCgroupMakeGroup:545 : Make controller /cgroup/cpu/libvirt/qemu/Haweater/
10:10:15.695: 21228: debug : virCgroupMakeGroup:545 : Make controller /cgroup/cpuacct/libvirt/qemu/Haweater/
10:10:15.695: 21228: debug : virCgroupMakeGroup:545 : Make controller /cgroup/cpuset/libvirt/qemu/Haweater/
10:10:15.695: 21228: debug : virCgroupMakeGroup:545 : Make controller /cgroup/memory/libvirt/qemu/Haweater/
10:10:15.695: 21228: debug : virCgroupMakeGroup:545 : Make controller /cgroup/devices/libvirt/qemu/Haweater/
10:10:15.695: 21228: debug : virCgroupMakeGroup:545 : Make controller /cgroup/freezer/libvirt/qemu/Haweater/
10:10:15.696: 21228: debug : virCgroupMakeGroup:545 : Make controller /cgroup/blkio/libvirt/qemu/Haweater/
10:10:15.696: 21228: debug : virCgroupSetValueStr:319 : Set value '/cgroup/cpu/libvirt/qemu/Haweater/tasks' to '21228'
10:10:15.699: 21228: debug : virCgroupSetValueStr:319 : Set value '/cgroup/cpuacct/libvirt/qemu/Haweater/tasks' to '21228'
10:10:15.703: 21228: debug : virCgroupSetValueStr:319 : Set value '/cgroup/cpuset/libvirt/qemu/Haweater/tasks' to '21228'
10:10:15.707: 21228: debug : virCgroupSetValueStr:319 : Set value '/cgroup/memory/libvirt/qemu/Haweater/tasks' to '21228'
10:10:15.711: 21228: debug : virCgroupSetValueStr:319 : Set value '/cgroup/devices/libvirt/qemu/Haweater/tasks' to '21228'
10:10:15.715: 21228: debug : virCgroupSetValueStr:319 : Set value '/cgroup/freezer/libvirt/qemu/Haweater/tasks' to '21228'
10:10:15.718: 21228: debug : virCgroupSetValueStr:319 : Set value '/cgroup/blkio/libvirt/qemu/Haweater/tasks' to '21228'
10:10:15.722: 21228: debug : qemuProcessHook:2178 : Setup CPU affinity
10:10:15.722: 21228: debug : qemuProcessInitCpuAffinity:1464 : Setting CPU affinity
10:10:15.722: 21228: debug : qemuProcessHook:2185 : Setting up security labelling
10:10:15.722: 21228: debug : virSecurityDACSetProcessLabel:630 : Dropping privileges of VM to 107:107
10:10:15.722: 21228: debug : qemuProcessHook:2192 : Hook complete ret=0
10:10:15.722: 21228: debug : virCommandHook:1922 : Done hook 0
10:10:15.722: 21228: debug : virCommandHook:1935 : Notifying parent for handshake start on 26
10:10:15.722: 21228: debug : virCommandHook:1956 : Waiting on parent for handshake complete on 27
10:10:15.727: 21228: debug : virCommandHook:1972 : Hook is done 0
Mar 2 10:10:15 localhost libvirtd: 10:10:15.727: 27897: info : virSecurityDACSetOwnership:99 : Setting DAC user and group on '/dev/md2' to '107:107'
char device redirected to /dev/pts/3
Mar 2 10:10:15 localhost qemu-kvm: Could not find keytab file: /etc/qemu/krb5.tab: No such file or directory
Mar 2 10:10:16 localhost avahi-daemon[1901]: Registering new address record for fe80::fc54:ff:fef5:c793 on vnet1.*.
Mar 2 10:10:18 localhost ntpd[15264]: Listening on interface #51 vnet1, fe80::fc54:ff:fef5:c793#123 Enabled
Mar 2 10:10:48 localhost avahi-daemon[1901]: dbus-protocol.c: Too many objects for client ':1.23', client request failed.
Mar 2 10:10:48 localhost avahi-daemon[1901]: dbus-protocol.c: Too many objects for client ':1.24', client request failed.
Mar 2 10:11:23 localhost avahi-daemon[1901]: dbus-protocol.c: Too many objects for client ':1.24', client request failed.
Mar 2 10:11:23 localhost avahi-daemon[1901]: dbus-protocol.c: Too many objects for client ':1.23', client request failed.
|
|
|
03-02-2012, 10:38 AM
|
#6
|
Moderator
Registered: Jun 2001
Location: UK
Distribution: Gentoo, RHEL, Fedora, Centos
Posts: 43,417
|
well as libvirt / kvm utilizies a very large amount of the standard host network stack, there's plenty of places where the networking can get jammed up. Is dnsmasq listening for requests (pretty sure it should be dnsmasq) and what is the iptables rulebase that libvirt has built? (iptables -vnL)
|
|
|
03-02-2012, 11:05 AM
|
#7
|
Member
Registered: Apr 2004
Location: PA
Distribution: RedHat 9
Posts: 49
Original Poster
Rep:
|
Quote:
Originally Posted by acid_kewpie
well as libvirt / kvm utilizies a very large amount of the standard host network stack, there's plenty of places where the networking can get jammed up. Is dnsmasq listening for requests (pretty sure it should be dnsmasq) and what is the iptables rulebase that libvirt has built? (iptables -vnL)
|
Not sure about dnsmasq, is this run within kvm? .. I am running bind for local system name resolution.
I have no idea what I am looking at:
Code:
[11:00:53 root]$ iptables -vnL
Chain INPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
40263 8214K BASE_INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
2654 419K INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
2654 419K HOST_BLOCK_SRC all -- * * 0.0.0.0/0 0.0.0.0/0
2654 419K SPOOF_CHK all -- * * 0.0.0.0/0 0.0.0.0/0
1174 174K VALID_CHK all -- eth1 * 0.0.0.0/0 0.0.0.0/0
544 147K EXT_INPUT_CHAIN !icmp -- eth1 * 0.0.0.0/0 0.0.0.0/0 state NEW
616 26784 EXT_INPUT_CHAIN icmp -- eth1 * 0.0.0.0/0 0.0.0.0/0 state NEW limit: avg 60/sec burst 100
0 0 EXT_ICMP_FLOOD_CHAIN icmp -- eth1 * 0.0.0.0/0 0.0.0.0/0 state NEW
1480 245K INT_INPUT_CHAIN all -- br0 * 0.0.0.0/0 0.0.0.0/0
0 0 POST_INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/sec burst 5 LOG flags 0 level 7 prefix `AIF:Dropped INPUT packet: '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
256K 139M BASE_FORWARD_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
779 49852 TCPMSS tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
1081 101K FORWARD_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
1081 101K HOST_BLOCK_SRC all -- * * 0.0.0.0/0 0.0.0.0/0
1081 101K HOST_BLOCK_DST all -- * * 0.0.0.0/0 0.0.0.0/0
73 3356 EXT_FORWARD_IN_CHAIN all -- eth1 * 0.0.0.0/0 0.0.0.0/0
1008 97510 EXT_FORWARD_OUT_CHAIN all -- * eth1 0.0.0.0/0 0.0.0.0/0
1008 97510 INT_FORWARD_IN_CHAIN all -- br0 * 0.0.0.0/0 0.0.0.0/0
0 0 INT_FORWARD_OUT_CHAIN all -- * br0 0.0.0.0/0 0.0.0.0/0
1008 97510 SPOOF_CHK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- br0 br0 0.0.0.0/0 0.0.0.0/0
1008 97510 LAN_INET_FORWARD_CHAIN all -- br0 eth1 0.0.0.0/0 0.0.0.0/0
0 0 POST_FORWARD_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/min burst 3 LOG flags 0 level 7 prefix `AIF:Dropped FORWARD packet: '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
38056 13M BASE_OUTPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
4 240 TCPMSS tcp -- * eth1 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x02 TCPMSS clamp to PMTU
1510 147K OUTPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
1505 147K HOST_BLOCK_DST all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Fragment packet: '
0 0 DROP all -f * * 0.0.0.0/0 0.0.0.0/0
1166 91238 EXT_OUTPUT_CHAIN all -- * eth1 0.0.0.0/0 0.0.0.0/0
339 55705 INT_OUTPUT_CHAIN all -- * br0 0.0.0.0/0 0.0.0.0/0
1504 147K POST_OUTPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
1504 147K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain BASE_FORWARD_CHAIN (1 references)
pkts bytes target prot opt in out source destination
265K 143M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED tcp dpts:1024:65535
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED udp dpts:1024:65535
37 2072 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED
0 0 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
Chain BASE_INPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
49317 9070K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED
0 0 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED tcp dpts:1024:65535
0 0 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED udp dpts:1024:65535
59 3997 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED
45 2721 ACCEPT all -- lo * 0.0.0.0/0 0.0.0.0/0
Chain BASE_OUTPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
47531 16M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 state ESTABLISHED
66 4590 ACCEPT all -- * lo 0.0.0.0/0 0.0.0.0/0
Chain DMZ_FORWARD_IN_CHAIN (0 references)
pkts bytes target prot opt in out source destination
Chain DMZ_FORWARD_OUT_CHAIN (0 references)
pkts bytes target prot opt in out source destination
Chain DMZ_INET_FORWARD_CHAIN (0 references)
pkts bytes target prot opt in out source destination
Chain DMZ_INPUT_CHAIN (0 references)
pkts bytes target prot opt in out source destination
Chain DMZ_LAN_FORWARD_CHAIN (0 references)
pkts bytes target prot opt in out source destination
Chain DMZ_OUTPUT_CHAIN (0 references)
pkts bytes target prot opt in out source destination
Chain EXT_BROADCAST_CHAIN (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:PRIV TCP broadcast: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:PRIV UDP broadcast: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:UNPRIV TCP broadcast: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1024 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:UNPRIV UDP broadcast: '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain EXT_FORWARD_IN_CHAIN (1 references)
pkts bytes target prot opt in out source destination
73 3356 VALID_CHK all -- * * 0.0.0.0/0 0.0.0.0/0
73 3356 RESERVED_NET_CHK all -- * * 0.0.0.0/0 0.0.0.0/0
9 540 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.3 tcp dpt:80
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.3 tcp dpt:443
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 tcp dpt:8080
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 tcp dpt:8443
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 tcp dpt:37310
64 2816 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 tcp dpt:31220
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 tcp dpt:37690
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 tcp dpt:22
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.55 tcp dpt:22
0 0 ACCEPT tcp -- eth1 !eth1 0.0.0.0/0 192.168.1.3 tcp dpt:22
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.3 udp dpt:80
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.3 udp dpt:443
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 udp dpt:8080
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 udp dpt:8443
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 udp dpt:37310
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 udp dpt:31220
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 udp dpt:37690
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.11 udp dpt:22
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.55 udp dpt:22
0 0 ACCEPT udp -- eth1 !eth1 0.0.0.0/0 192.168.1.3 udp dpt:22
Chain EXT_FORWARD_OUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain EXT_ICMP_FLOOD_CHAIN (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-unreachable flood: '
0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 3
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-time-exceeded fld: '
0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 11
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 12 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-param-problem fld: '
0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 12
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-request(ping) fld: '
0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-reply(pong) flood: '
0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 0
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-source-quench fld: '
0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 4
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP(other) flood: '
0 0 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0
Chain EXT_INPUT_CHAIN (2 references)
pkts bytes target prot opt in out source destination
0 0 SSH_CHK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:22 state NEW
0 0 SSH_CHK tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:10022 state NEW
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:0 limit: avg 6/hour burst 1 LOG flags 0 level 7 prefix `AIF:Port 0 OS fingerprint: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:0 limit: avg 6/hour burst 1 LOG flags 0 level 7 prefix `AIF:Port 0 OS fingerprint: '
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:0
0 0 POST_INPUT_DROP_CHAIN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:0
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0 limit: avg 6/hour burst 5 LOG flags 0 level 7 prefix `AIF:TCP source port 0: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:0 limit: avg 6/hour burst 5 LOG flags 0 level 7 prefix `AIF:UDP source port 0: '
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp spt:0
0 0 POST_INPUT_DROP_CHAIN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:0
388 129K ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68
772 45107 RESERVED_NET_CHK all -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:!2049 multiport sports 20,21,22,23,80,110,143,443,993,995 limit: avg 6/hour burst 1 LOG flags 0 level 7 prefix `AIF:Possible DRDOS abuse: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:!2049 multiport sports 20,21,22,23,80,110,143,443,993,995 limit: avg 6/hour burst 1 LOG flags 0 level 7 prefix `AIF:Possible DRDOS abuse: '
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpt:!2049 multiport sports 20,21,22,23,80,110,143,443,993,995
0 0 POST_INPUT_DROP_CHAIN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:!2049 multiport sports 20,21,22,23,80,110,143,443,993,995
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 flags:!0x17/0x02 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth scan? (UNPRIV): '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 flags:!0x17/0x02 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth scan? (PRIV): '
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:!0x17/0x02
0 0 EXT_BROADCAST_CHAIN all -- * * 0.0.0.0/0 255.255.255.255
4 2318 EXT_MULTICAST_CHAIN all -- * * 0.0.0.0/0 224.0.0.0/4
68 3776 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:PRIV TCP packet: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:PRIV UDP packet: '
5 272 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:UNPRIV TCP packet: '
5 3775 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:UNPRIV UDP packet: '
0 0 LOG 2 -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/min burst 5 LOG flags 0 level 7 prefix `AIF:IGMP packet: '
768 42789 POST_INPUT_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
26 1785 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 3/min burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-request: '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp !type 8 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-other: '
141 7700 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0
11 8305 POST_INPUT_DROP_CHAIN udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 POST_INPUT_DROP_CHAIN 2 -- * * 0.0.0.0/0 0.0.0.0/0
616 26784 POST_INPUT_DROP_CHAIN icmp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/min burst 5 LOG flags 0 level 7 prefix `AIF:Other connect: '
0 0 POST_INPUT_DROP_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain EXT_MULTICAST_CHAIN (1 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:PRIV TCP multicast: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpts:0:1023 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:PRIV UDP multicast: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp dpts:1024:65535 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:UNPRIV TCP multicast: '
0 0 LOG udp -- * * 0.0.0.0/0 0.0.0.0/0 udp dpt:1024 limit: avg 6/min burst 2 LOG flags 0 level 7 prefix `AIF:UNPRIV UDP multicast: '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 3/min burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-multicast-request: '
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp !type 8 limit: avg 12/hour burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-multicast-other: '
4 2318 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain EXT_OUTPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain FORWARD_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain HOST_BLOCK_DROP (0 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:Blocked host(s): '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain HOST_BLOCK_DST (2 references)
pkts bytes target prot opt in out source destination
Chain HOST_BLOCK_SRC (2 references)
pkts bytes target prot opt in out source destination
Chain INET_DMZ_FORWARD_CHAIN (0 references)
pkts bytes target prot opt in out source destination
Chain INPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain INT_FORWARD_IN_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain INT_FORWARD_OUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain INT_INPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
2 168 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 20/sec burst 100
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 3/min burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-request: '
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
1478 245K ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain INT_OUTPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain LAN_INET_FORWARD_CHAIN (1 references)
pkts bytes target prot opt in out source destination
1 84 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 20/sec burst 100
0 0 LOG icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8 limit: avg 3/min burst 1 LOG flags 0 level 7 prefix `AIF:ICMP-request: '
0 0 DROP icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 8
786 50149 ACCEPT tcp -- * * 0.0.0.0/0 0.0.0.0/0
221 47277 ACCEPT udp -- * * 0.0.0.0/0 0.0.0.0/0
0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain POST_FORWARD_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain POST_INPUT_CHAIN (2 references)
pkts bytes target prot opt in out source destination
Chain POST_INPUT_DROP_CHAIN (30 references)
pkts bytes target prot opt in out source destination
782 43381 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain POST_OUTPUT_CHAIN (1 references)
pkts bytes target prot opt in out source destination
Chain RESERVED_NET_CHK (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 10.0.0.0/8 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:IPv4 Private address: '
0 0 LOG all -- * * 172.16.0.0/12 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:IPv4 Private address: '
0 0 LOG all -- * * 192.168.0.0/16 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:IPv4 Private address: '
0 0 LOG all -- * * 169.254.0.0/16 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:IPv4 Link-local address: '
0 0 LOG all -- * * 224.0.0.0/24 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:IPv4 Multicast address: '
0 0 LOG all -- * * 239.0.0.0/24 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:IPv4 Multicast address: '
Chain SPOOF_CHK (2 references)
pkts bytes target prot opt in out source destination
2437 336K RETURN all -- br0 * 192.168.1.0/24 0.0.0.0/0
0 0 LOG all -- * * 192.168.1.0/24 0.0.0.0/0 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Spoofed packet: '
0 0 POST_INPUT_DROP_CHAIN all -- * * 192.168.1.0/24 0.0.0.0/0
1225 180K RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
Chain SSH_CHK (2 references)
pkts bytes target prot opt in out source destination
0 0 all -- * * 0.0.0.0/0 0.0.0.0/0 recent: SET name: sshchk side: source
0 0 SSH_LOG_DROP all -- * * 0.0.0.0/0 0.0.0.0/0 recent: UPDATE seconds: 60 hit_count: 4 name: sshchk side: source
0 0 SSH_LOG_DROP all -- * * 0.0.0.0/0 0.0.0.0/0 recent: UPDATE seconds: 1800 hit_count: 10 name: sshchk side: source
Chain SSH_LOG_DROP (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG all -- * * 0.0.0.0/0 0.0.0.0/0 limit: avg 1/min burst 1 LOG flags 0 level 7 prefix `AIF:SSH Brute force attack?: '
0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0
Chain VALID_CHK (2 references)
pkts bytes target prot opt in out source destination
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth XMAS scan: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth XMAS-PSH scan: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth XMAS-ALL scan: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth FIN scan: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth SYN/RST scan: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth SYN/FIN scan?: '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00 limit: avg 3/min burst 5 LOG flags 0 level 7 prefix `AIF:Stealth Null scan: '
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x29
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x37
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x3F
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x01
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x06/0x06
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x03/0x03
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp flags:0x3F/0x00
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp option=64 limit: avg 3/min burst 1 LOG flags 0 level 7 prefix `AIF:Bad TCP flag(64): '
0 0 LOG tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp option=128 limit: avg 3/min burst 1 LOG flags 0 level 7 prefix `AIF:Bad TCP flag(128): '
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp option=64
0 0 POST_INPUT_DROP_CHAIN tcp -- * * 0.0.0.0/0 0.0.0.0/0 tcp option=128
14 592 POST_INPUT_DROP_CHAIN all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID
0 0 LOG all -f * * 0.0.0.0/0 0.0.0.0/0 limit: avg 3/min burst 1 LOG flags 0 level 4 prefix `AIF:Fragment packet: '
0 0 DROP all -f * * 0.0.0.0/0 0.0.0.0/0
|
|
|
03-02-2012, 11:13 AM
|
#8
|
Member
Registered: Apr 2004
Location: PA
Distribution: RedHat 9
Posts: 49
Original Poster
Rep:
|
also seeing this: qemu-kvm: Could not find keytab file: /etc/qemu/krb5.tab
|
|
|
03-02-2012, 02:03 PM
|
#9
|
Member
Registered: Apr 2004
Location: PA
Distribution: RedHat 9
Posts: 49
Original Poster
Rep:
|
Captain obvious here: turn of the avahi-daemon service and the avahi-daemon noise stops. Go figure!
|
|
|
05-09-2013, 02:25 PM
|
#10
|
Member
Registered: Apr 2005
Location: BC
Distribution: Centos
Posts: 34
Rep:
|
If you are getting delaying execution error in ifup eth0, that most likely means udev /mac address problem. Solution: Delete the rules in udev/rules.d/70-per**net, comment out the hardware mac address from ifcfg-eth0 and reboot the VM. it should fix it. This problem is only with CentOS 6 VM, you wont see it in CentOS 5 VMs.
|
|
|
All times are GMT -5. The time now is 06:46 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|