|
> > [root@fe4026 fea]# /usr/sbin/tcpdump -len host 64.211.248.11
> > Kernel filter, protocol ALL, datagram packet socket
> > tcpdump: listening on all devices
> > 10:33:11.341911 eth1 < 0:d0:b7:a9:c1:bc 0:0:0:0:0:1 ip 62:
> > 208.177.165.227.64395 > 64.211.248.11.www: S 2833366593:2833366593(0) win
> > 16384 <mss 1460,nop,nop,sackOK> (DF)
> > 10:33:14.236010 eth1 < 0:d0:b7:a9:c1:bc 0:0:0:0:0:1 ip 62:
> > 208.177.165.227.64395 > 64.211.248.11.www: S 2833366593:2833366593(0) win
> > 16384 <mss 1460,nop,nop,sackOK> (DF)
> > 10:33:20.246000 eth1 < 0:d0:b7:a9:c1:bc 0:0:0:0:0:1 ip 62:
> > 208.177.165.227.64395 > 64.211.248.11.www: S 2833366593:2833366593(0) win
> > 16384 <mss 1460,nop,nop,sackOK> (DF)
> For the test set /proc/sys/net/ipv4/conf/*/rp_filter to
> 0 and ipchains policy to ACCEPT. And after successful operation start
> to play with them again.
>
> Make sure -j REDIRECT are before any ACCEPT rules, i.e.
Oh boy, yet another cause for this signature, I have to update my signatures.
But to be honest, I didn't understand the setup completely but it seems to
solve his problems. I try to figure out unique tcpdump signatures for different
setup mistakes so we can find the error faster. I thought I had the one for
the arp-problem and the 'trying to connect from inside the cluster' but there
is more out there in the outer space. Sigh, I'll become farmer!
Best regards,
Roberto Nibali, ratz
--
mailto: `echo NrOatSz@xxxxxxxxx | sed 's/[NOSPAM]//g'`
|
