NAT/POSTROUTING rules doesn't match packets (SOLVED?)
bernin_a at informatik.haw-hamburg.de
bernin_a at informatik.haw-hamburg.de
Sat Oct 8 00:06:42 CEST 2005
> On Friday 07 of October 2005 21:44, Marek Zachara wrote:
> As a workaround, is there a way to manually clean up conntrack table - i'd put
> it in the boot scripts to assure such problems doesn't happen again. I know i
> can put a iptable rule to block all incoming UDP traffic for 3 minutes after
> boot-up (so the entries get cleaned), but this makes the router useless for
> these 3 minutes ...
Do i understand this correctly, the problem why the packets don't get
masqueraded/natted properly is that they already have a conntrack entry
before the nat rules are in place ??
>
> Marek
>
--arne
_________________________________________________
Versendet über Webmail der HAW Hamburg
http://www.haw-hamburg.de/webmail
More information about the netfilter
mailing list