[Bug 443] 2.6 kernel failing in NAT with significant outbound traffic

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Mon Feb 20 22:48:30 CET 2006


https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=443





------- Additional Comments From nothingel at hotmail.com  2006-02-20 22:48 MET -------
I did some more digging and kernel-2.6.8 works as expected but 2.6.9 breaks.

After reading through the Changelog for 2.6.9
(http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.9), I noticed the
option "ip_conntrack_tcp_be_liberal".

"echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal" causes the
problem to be resolved.

When set to 0 (the default), the problem is manifested.

Can anyone shed more light on this "liberal" option?  What is it's intended use?
 Apparently it does more harm than good for me.



-- 
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.



More information about the netfilter-buglog mailing list