DCC Revisited

[Harald Welte]

On Thu, Jul 05, 2001 at 02:57:14PM -0700, Jeremy Mann wrote:

> Ok, it's been about a week since I posted this, with
> various replies that clued me in to some other issues.

You are only using the INPUT chain.  

This clearly indicates that you are only using a single machine, and
not a firewall as a router/gateway.

Then again, why would you want to do NAT on a single machine?

>  Now I've finally gotten the ip_nat_irc module to
> forge the DCC send, however upon return I'm *still*
> getting the tcp packet being dropped by my tcp-chain. 
> I don't understand why this would happen since my logs
> are showing the forged dcc send packet, which would
> imply to me that it's actually being tracked.  Here
> are some log entries:

you can easily look in /proc/net/ip_conntrack to see which
connections are tracked and which expectations are generated.

> (that then repeats 3 more times)

that are the retransmissions.

Please compare the expectation with the packets you actually
receive, and see where the difference is.

> J

-- 
Live long and prosper
- Harald Welte / laforge@gnumonks.org               http://www.gnumonks.org/
============================================================================
GCS/E/IT d- s-: a-- C+++ UL++++$ P+++ L++++$ E--- W- N++ o? K- w--- O- M- 
V-- PS+ PE-- Y+ PGP++ t++ 5-- !X !R tv-- b+++ DI? !D G+ e* h+ r% y+(*)