[Bug 64] Conntrack-Table is not cleared on interface down using target MASQUERADE

bugzilla-daemon@netfilter.org bugzilla-daemon@netfilter.org
Tue, 08 Apr 2003 10:22:14 +0200


https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=64





------- Additional Comments From tobias@portfolio16.de  2003-04-08 10:13 -------
Created an attachment (id=17)
Leftover connections after ~4 days uptime


------- Additional Comments From tobias@portfolio16.de  2003-04-08 10:22 -------
This is the list of the leftover connections as of now; here are the statistics:
 
tobias@lafiel:~$ wc -l ip_conntrack 
    458 ip_conntrack 
tobias@lafiel:~$ wc -l left_connections_annon 
     65 left_connections_annon 
 
The router has been up for almost 4 days now; there were 7 disconnects in this time...
(Yes, I know... My provider disconnects after 12 hours, not after 24, as I said in the
first post :( )
 
Here is the crazy creation I used to create that attached file:
tobias@lafiel:~$ grep -v "192\.168\.2\." ip_conntrack \
    | grep -v "127\.0\.0\.1" \
    | grep -v "A\.B\.C\.D" \
    | grep -v "src=192\.168\.[0-9]*\.[0-9]* dst=192\.168\." \
    | sed 's/=\(192\.168\.\)/=X\1/g; s/\(=[0-9]*\.[0-9]*\.[0-9]*\.\)[0-9]*/\1XXX/g; s/=X192/=192/g' \
    > left_connections_annon
(Yupp, there is another "grep -v"; I used this the last time, but didn't mention it in the
post, sorry)


