[lvs-users] lvs masq response package not getting picked up
Graeme Fowler
graeme at graemef.net
Mon Aug 13 12:46:37 BST 2012
On Mon, 2012-08-13 at 13:20 +0200, Klavs Klavsen wrote:
> Chain FORWARD (policy DROP)
> target prot opt source destination
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:80
> ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW
> tcp dpt:443
> ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state
> RELATED,ESTABLISHED
> REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with
> icmp-host-prohibited
I'm not 100% sure, but it looks like this is your problem. Remove those
rules and see what happens.
* I say "not sure" because I'm not sure whether the incoming packets
will traverse the FORWARD chain or be hoiked past it by ipvs.
Graeme
More information about the lvs-users
mailing list