ip_conntrack cleanup on reconnection?
Herve Eychenne
rv@wallfire.org
Sat, 10 Jul 2004 13:57:29 +0200
On Mon, Jul 05, 2004 at 03:20:28PM +0200, Daimonion wrote:
Hi,
> Having a look at net/ip_MASQUARDE.c the ip_conntrack list should be empty
> after a device was down (cleanup?), but
> the list still is full of entries.
> Shouldnt the list be empty or, at least rewritten with the new
> ip-addresses?
Yes, it should. During the last netfilter workshop, after one of my remarks,
Rusty Russell wrote a patch to the MASQUERADE target which cleans the tables
only if the address changes (before, they were cleaned
unconditionnaly).
I don't know when the patch was applied upstream in 2.4 or if it's related
to your problem...
Herve
--
_
(°= Hervé Eychenne
//)
v_/_ WallFire project: http://www.wallfire.org/