ICMP packets associated with NAT connections sent out wrong
interface?
Jordan Russell
jr-list-2007 at quo.to
Thu Jul 5 19:05:21 CEST 2007
Patrick McHardy wrote:
> Its pretty certain the REJECT target, it defauls to port unreachable
> and the network stack doesn't generate port unreachables for TCP.
> Jordan, please post your ruleset.
Yes, I have a REJECT rule for non-ESTABLISHED incoming packets on eth1.
Please see this post for rules sufficient to reproducing the issue:
http://lists.netfilter.org/pipermail/netfilter/2007-July/069182.html
>>> 0000:01:0c.0: scatter/gather disabled. h/w checksums disabled
>
>
> I can't find this message in the kernel tree. Which driver are you
> using?
It's 3c59x.
--
Jordan Russell
More information about the netfilter-devel
mailing list