ip_conntrack_tcp problem on kernel 2.4.28 !!! INVALID ?

Patrick McHardy kaber at trash.net
Sat Dec 25 15:11:10 CET 2004


Konsar wrote:
> Hi !!!
> 
> I have patches kernel 2.4.28 + patch-o-matic-ng-20040621 with  
> iptables-1.2.11 on my router/NAT server.This islog from my server
 >
> [...]
>
> Dec 25 14:15:47 gizmo kernel: ip_conntrack_tcp: INVALID: invalid RST  
> (ignored) SRC=64.230.127.202 DST=22.22.22.22 LEN=40 TOS
> =0x00 PREC=0x00 TTL=111 ID=25587 PROTO=TCP SPT=46885 DPT=1804 SEQ=0  
> ACK=881916807 WINDOW=0 RES=0x00 ACK RST URGP=0
> janek.log lines 17-47/47 (END)
> 
> What is this and how close this log ? Where is problem ?

The problem is edonkey, you get all kinds of crap if you run
it or catch the IP of someone who did. Its about the biggest
sin for a network I've ever seen. The only funny part about
it are the crappy implementations, you just have to smile if
you see people do GUI refreshing in the UDP packet handler :)

Regards
Patrick

BTW: No need to CC tons of people for questions like these.



More information about the netfilter-devel mailing list