> On 10 Nov 2016, at 15:09, Ken Teh <[email protected]> wrote: > > I'm trying to isolate a network problem and I need some debugging help. > Frustrating when I am not fluent in the new sys admin tools. > > Symptom is as follows: I have a machine running Fedora 24 with its firewall > zone set to work. I cannot ping the machine except from the same subnet. I > don't have this problem with a second machine running the same OS/rev with > the same firewall setup. I'm not sure where to look. > > I've dumped out both machines iptables. See attachment. I did a diff -y and > they look almost identical. The machine that does not work has 2 nics, one > which is connected to a 192.168 network. It has additional rules in the > various chains but they are all "from anywhere to anywhere". I'm assuming > the additional rules come from the second interface. > > I've put a query to my networking folks to see if the problem is further > upstream. But I thought I'd ask if I have missed something obvious.
What's the default route on the "failing" system? > I know it's not SL7 but they use the same tools: nmcli and firewall-cmd. > > <iptables.fails><iptables.works> -- Stephan Wiesand DESY -DV- Platanenallee 6 15738 Zeuthen, Germany
