Try turning off RPF (return path filtering at the kernel level). If it goes out on one interface and comes in on the other, then RPF is almost always at fault, as it will by default drop the connection.
I expect it is something invisible and nasty like that, but rp_filter is not active on that system. (I never enable this because it is so difficult to monitor what it does... on gw-44-137 I use packet marking using the "rpfilter" matcher in mangle and drop of the marked packets with logging in the filter.)
Rob
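
Added example, not part of either message: one way to confirm whether kernel rp_filter is effectively active on each interface and to read the kernel's counter of packets it has dropped. The function names and the optional path arguments are assumptions of this sketch.

```shell
#!/bin/sh
# Added example, not from the thread. The optional path arguments are
# assumptions of this sketch so the functions can be run on a test tree.

# Effective mode for one interface: the kernel applies the larger of
# conf/all/rp_filter and conf/<iface>/rp_filter (0=off, 1=strict, 2=loose).
rp_effective() {
    root="${2:-/proc/sys/net/ipv4/conf}"
    all=$(cat "$root/all/rp_filter" 2>/dev/null) || return 1
    ifv=$(cat "$root/$1/rp_filter" 2>/dev/null) || return 1
    if [ "$all" -gt "$ifv" ]; then echo "$all"; else echo "$ifv"; fi
}

# One line per interface: "<iface> <effective value>".
rp_report() {
    root="${1:-/proc/sys/net/ipv4/conf}"
    for d in "$root"/*/; do
        ifc=$(basename "$d")
        case "$ifc" in all|default) continue ;; esac
        eff=$(rp_effective "$ifc" "$root") || continue
        echo "$ifc $eff"
    done
}

# Packets dropped by rp_filter so far: the IPReversePathFilter field of the
# TcpExt header/value line pair in /proc/net/netstat.
rp_drop_count() {
    awk '/^TcpExt:/ {
        if (!n) { for (i = 2; i <= NF; i++) if ($i == "IPReversePathFilter") n = i }
        else    { print $n; exit }
    }' "${1:-/proc/net/netstat}"
}

rp_report
echo "rp_filter drops: $(rp_drop_count)"
```

A per-interface value of 0 does not by itself mean the filter is off, because a non-zero `all` value still applies to that interface.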