On Wed, 2008-09-17 at 14:08 -0400, Josh Mullis wrote: > Here is my output from iptables-save:
I'd suggest cloning your REJECT rules and adding a similar LOG line as follows: -A FORWARD -o virbr0 -j LOG --log-prefix '[virbr0_out]: ' -A FORWARD -o virbr0 -j REJECT --reject-with icmp-port-unreachable -A FORWARD -i virbr0 -j LOG --log-prefix '[virbr0_in]: ' -A FORWARD -i virbr0 -j REJECT --reject-with icmp-port-unreachable This way you'll see if it's the ruleset triggering the problem. Somehow I feel that the combination of the three rules specific to all packets trying to get across the bridge is your culprit here - I could be wrong, not having run a system like this before, but still - it may be worth a shot. If you end up with nothing logged, then... Graeme _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
