I am configured where are those rules stored why iptables -L -n -t nat not showing them?
On Sun, Aug 5, 2018 at 3:56 PM, Satish Patel <satish....@gmail.com> wrote: > Oh wait!! I think you are right there i didn't notice that iptables > has following setting. > > "CHECKSUM --checksum-fill" > > On Sun, Aug 5, 2018 at 3:54 PM, Satish Patel <satish....@gmail.com> wrote: >> I have following kernel logging set. >> >> [root@ostack-infra-02 tools]# cat /proc/sys/kernel/printk >> 3 4 1 3 >> >> >> iptables output >> >> [root@ostack-infra-02 tools]# iptables-save -c >> # Generated by iptables-save v1.4.21 on Sun Aug 5 15:52:56 2018 >> *raw >> :PREROUTING ACCEPT [42284573:38782693391] >> :OUTPUT ACCEPT [219668:42675751] >> COMMIT >> # Completed on Sun Aug 5 15:52:56 2018 >> # Generated by iptables-save v1.4.21 on Sun Aug 5 15:52:56 2018 >> *nat >> :PREROUTING ACCEPT [656413:38450886] >> :INPUT ACCEPT [5524:564390] >> :OUTPUT ACCEPT [3217:212903] >> :POSTROUTING ACCEPT [559058:34193539] >> [5197:311820] -A POSTROUTING -s 10.0.3.0/24 ! -d 10.0.3.0/24 -j MASQUERADE >> COMMIT >> # Completed on Sun Aug 5 15:52:56 2018 >> # Generated by iptables-save v1.4.21 on Sun Aug 5 15:52:56 2018 >> *mangle >> :PREROUTING ACCEPT [42209568:38687818558] >> :INPUT ACCEPT [170634:197796840] >> :FORWARD ACCEPT [42939243:38526139954] >> :OUTPUT ACCEPT [198956:41288636] >> :POSTROUTING ACCEPT [43138199:38567428590] >> [84166:59495417] -A POSTROUTING -p tcp -m tcp --sport 80 -j CHECKSUM >> --checksum-fill >> [68739:5153476] -A POSTROUTING -p tcp -m tcp --sport 8000 -j CHECKSUM >> --checksum-fill >> [755:275452] -A POSTROUTING -s 10.0.3.0/24 -o lxcbr0 -p udp -m udp >> --dport 68 -j CHECKSUM --checksum-fill >> COMMIT >> # Completed on Sun Aug 5 15:52:56 2018 >> # Generated by iptables-save v1.4.21 on Sun Aug 5 15:52:56 2018 >> *filter >> :INPUT ACCEPT [164954:197217701] >> :FORWARD ACCEPT [42801701:38377075499] >> :OUTPUT ACCEPT [198963:41289860] >> [0:0] -A INPUT -i lxcbr0 -p tcp -m tcp --dport 53 -j ACCEPT >> [4932:328918] -A INPUT -i lxcbr0 -p udp -m udp --dport 53 -j ACCEPT >> [0:0] -A INPUT -i lxcbr0 -p tcp -m tcp --dport 67 -j ACCEPT >> [755:250585] -A INPUT -i lxcbr0 -p udp -m udp --dport 67 -j ACCEPT >> [80745:145594351] -A FORWARD -o lxcbr0 -j ACCEPT >> [56801:3471569] -A FORWARD -i lxcbr0 -j ACCEPT >> COMMIT >> # Completed on Sun Aug 5 15:52:56 2018 >> >> On Sun, Aug 5, 2018 at 3:42 PM, Florian Westphal <f...@strlen.de> wrote: >>> Satish Patel <satish....@gmail.com> wrote: >>>> Thanks Florian, >>>> >>>> FYI, I don't have any CHECKSUM configure in my iptables, >>> >>> You have, according to WARN stacktrace you provided. >>> >>> iptables-save -c >>> ip6tables-save -c
