iptables drops _some_ valid packets

Daniel daniel at eskozoo.com
Tue Sep 19 15:52:18 CEST 2006


Hi all,
I'm running a small network behind a firewall running iptables 1.3.5 doing NAT.
The firewall has two NICs, eth0 for the LAN and eth1 to an ADSL modem.

I'm having problems with iptables dropping some packets that belong to
an established/valid connection. I think this only occurs with
HTTP/HTTPS traffic. For example, if I have a client on the LAN browsing
somesite.com, the connection gets tracked and iptables allows packets
coming and going but, and here is my problem, it will drop *some*
packets coming from somesite.com. Hence my logs get filled with these
packets that should have gone through.
As you might imagine, this is rather annoying, even more so when I
haven't been able to find a solution browsing Google for countless
hours. Please, if this post lacks information, let me know and I'll post
whatever you need.

Thank you,

Daniel.


