[lvs-users] lvs masq response package not getting picked up

Graeme Fowler graeme at graemef.net
Mon Aug 13 12:46:37 BST 2012

On Mon, 2012-08-13 at 13:20 +0200, Klavs Klavsen wrote:
> Chain FORWARD (policy DROP)
> target     prot opt source               destination
> ACCEPT     tcp  --             state NEW 
> tcp dpt:80
> ACCEPT     tcp  --             state NEW 
> tcp dpt:443
> ACCEPT     all  --             state 
> REJECT     all  --   reject-with 
> icmp-host-prohibited

I'm not 100% sure, but it looks like this is your problem. Remove those
rules and see what happens.

* I say "not sure" because I'm not sure whether the incoming packets
will traverse the FORWARD chain or be hoiked past it by ipvs.


More information about the lvs-users mailing list