iptables "DROP 0 packets"

Issues related to configuring your network
User avatar
jlehtone
Posts: 3335
Joined: 2007/12/11 08:17:33
Location: Finland

Re: iptables "DROP 0 packets"

Post by jlehtone » 2021/01/26 15:03:38

That does not still explain the difference in behaviour. Does one system have a similar "reset" somewhere in scripts/config that the other lacks?


Another thing is that you could convert to using nftables.service
It is the same ruleset that you will load.
If you add "counter drop" as last rule into the INPUT chain, then you get the statistics.

driesp
Posts: 12
Joined: 2015/06/25 13:31:10

Re: iptables "DROP 0 packets"

Post by driesp » 2021/01/26 16:30:31

I will need to study nftables further, it won't be easy because I am using iptables since a long time.

I just noticed this behaviour change after installing new machines.
I have my default iptables script I deploy on all machines, so they are fairly the same except for some rules depending on the services the machine runs.

Don't know why the bug is there on a originally 8.2 or a new 8.3 install and not on an originally 8.1 or older installation.
Even if all the machines are getting updated to the latest release.

Post Reply

Return to “CentOS 8 - Networking Support”