[clue-tech] forwarded packets not matching any iptables rules?
Kevin Fenzi
kevin at scrye.com
Thu Aug 24 15:47:40 MDT 2006
>>>>> "Jim" == Jim Ockers <ockers at ockers.net> writes:
Jim> Hi CLUEbies, Does anyone know how to flush (clear) the
Jim> ip_conntrack table in a 2.4.22 kernel?
Jim> It seems that my problem below is timing or sequence.
Jim> http://marc.theaimsgroup.com/?l=netfilter&m=112878199509625&w=2
Jim> It seems that IF: 1. the interface comes up 2. a UDP packet is
Jim> seen right away 3. subsequently to (2) the iptables rules are
Jim> configured
Jim> THEN the UDP packets will not get processed by iptables.
Jim> The conntrack userspace tool requires 2.6.13 or newer kernel, or
Jim> something. Of course I need it to work for 2.4.22. Is there
Jim> another way (besides rebooting) to flush ip_conntrack?
Aside from the userspace tool, the only way I know to clear out the
conntrack is to remove the connection tracking module and reload it.
Jim> Thanks, Jim
kevin
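
The module remove-and-reload approach from the reply above, as an added example that is not part of the original message. It assumes the 2.4-style /proc/modules layout, in which the modules using a module are listed in square brackets; the function names are hypothetical and the sample listing is constructed.

```shell
#!/bin/sh
# Added example, not from the original thread. Assumes the 2.4-style
# /proc/modules layout, where the modules using a module are listed in [ ].

# Constructed sample listing (sizes and use counts are made up).
SAMPLE_MODULES='ipt_MASQUERADE   1304  1 (autoclean)
ipt_state         568  2 (autoclean)
iptable_nat     16438  1 (autoclean) [ipt_MASQUERADE]
ip_conntrack    18120  2 (autoclean) [ipt_MASQUERADE ipt_state iptable_nat]
iptable_filter   1644  1 (autoclean)
ip_tables       11672  7 [ipt_MASQUERADE ipt_state iptable_nat iptable_filter]'

# Read a module listing on stdin and print, one per line, the modules to
# remove so that ip_conntrack can go: its users (recursively) first.
conntrack_unload_order() {
    awk '
    {
        users[$1] = ""
        a = index($0, "["); b = index($0, "]")
        if (a && b > a) users[$1] = substr($0, a + 1, b - a - 1)
    }
    function visit(m,    n, i, list) {
        if (m in seen) return
        seen[m] = 1
        n = split(users[m], list, " ")
        for (i = 1; i <= n; i++) visit(list[i])
        print m
    }
    END { if ("ip_conntrack" in users) visit("ip_conntrack") }
    '
}

# Hypothetical helper: unload in that order, then load ip_conntrack again so
# it starts with an empty table. rmmod refuses modules that loaded rules
# still use, so rules must be flushed before and restored after (not done here).
flush_conntrack_by_reload() {
    for m in $(conntrack_unload_order < /proc/modules); do
        rmmod "$m" || return 1
    done
    modprobe ip_conntrack
}

# Show the computed order for the constructed sample.
printf '%s\n' "$SAMPLE_MODULES" | conntrack_unload_order
```

Only `conntrack_unload_order` runs when the script is executed; `flush_conntrack_by_reload` changes kernel state and has to be called explicitly as root.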