Now on the surface this isn't anything but a cosmetic bug, but it feels like one of those things that could be a symptom of a deeper problem. If that turns out to not be the case, so be it :)

- masq'ing 2.4.2-0.1.19 box has nothing but a masq'ing rule out eth0.
- box behind it starts ping to external box, which is working fine.
- masq'ing box drops masq'ing rule
- ping on internal box stops working, predictably (don't kill the ping program, though)
- masq'ing box re-adds the masq'ing rule
- existing ping from internal box to external box does *not* start working again
- new ping (while other ping is still running) *does* work fine.

Since ICMP echo is anything but connection-oriented, this might seem to indicate a deeper problem with netfilter. I'm going to try and confirm on a "pure" RC2 setup, as this is RC2 kernel with some stuff from earlier betas.

When the masq rule goes down, the first ping you run (which fails) binds itself to the destination differently; it retains this binding through the rest of the ping socket's life. This behavior is completely normal.
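
The binding behaviour described in the reply, as an added example that is not part of either message and is not netfilter code: a toy Python model in which the masquerading rule is consulted only for the first packet of a flow and every later packet reuses and refreshes that decision. The class and function names, the addresses, the 30-second idle timeout, the flow key of (source, destination, ICMP id) and the assumption that dropping the rule discards the old binding are all assumptions of this sketch.

```python
# Toy model of per-flow NAT bindings; illustrative only, not netfilter code.
ICMP_TIMEOUT = 30  # assumed idle timeout (seconds) for an ICMP echo flow

class Masquerader:
    def __init__(self, external_ip):
        self.external_ip = external_ip
        self.masq_rule = True   # is the masquerading rule loaded?
        self.flows = {}         # (src, dst, icmp_id) -> [binding, last_seen]

    def drop_rule(self):
        # Assumption: dropping the rule also discards existing bindings,
        # matching the report that the running ping stops at this point.
        self.masq_rule = False
        self.flows.clear()

    def add_rule(self):
        self.masq_rule = True   # existing flow entries are left untouched

    def send_echo(self, src, dst, icmp_id, now):
        """Return the source address the echo request leaves with."""
        key = (src, dst, icmp_id)
        entry = self.flows.get(key)
        if entry is not None and now - entry[1] > ICMP_TIMEOUT:
            entry = None        # idle past the timeout: binding expired
        if entry is None:
            # The rule is consulted only for the first packet of a flow.
            binding = self.external_ip if self.masq_rule else None
            entry = self.flows[key] = [binding, now]
        entry[1] = now          # each packet refreshes the idle timer
        return entry[0] or src  # None is a null binding: source unchanged

def replay():
    """Constructed scenario following the steps in the report."""
    gw = Masquerader("203.0.113.1")            # constructed addresses
    inside, outside = "192.168.1.10", "198.51.100.7"
    seen = {}
    seen["before"] = gw.send_echo(inside, outside, 100, now=0)
    gw.drop_rule()
    seen["rule_down"] = gw.send_echo(inside, outside, 100, now=1)
    gw.add_rule()
    seen["old_ping"] = gw.send_echo(inside, outside, 100, now=2)
    seen["new_ping"] = gw.send_echo(inside, outside, 101, now=2)  # new ICMP id
    # The old ping is still within the idle timeout, so its binding persists.
    seen["old_ping_later"] = gw.send_echo(inside, outside, 100, now=20)
    # Only after a pause longer than the timeout is the rule consulted again.
    seen["after_pause"] = gw.send_echo(inside, outside, 100, now=20 + ICMP_TIMEOUT + 1)
    return seen
```

In this model the old ping recovers only once it has been silent for longer than the timeout, which is why leaving it running keeps it broken while a second ping works.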