iptables drops _some_ valid packets

Daniel daniel at eskozoo.com
Tue Sep 19 15:52:18 CEST 2006

Hi all,
I'm running a small network behind a firewall running iptables 1.3.5 doing NAT.
The firewall has two NICs, eth0 for the LAN and eth1 to an ADSL modem.

I'm having problems with iptables dropping some packets that belong to
an established/valid connection. I think this only occurs with
http/https traffic. For example, if I have a client on the LAN browsing
somesite.com, the connection gets tracked and iptables allows packets
coming and going but, and here is my problem, it will drop *some*
packets coming from somesite.com. Hence my logs get filled with these
packets that should have gone through.
As you might imagine, this is rather annoying, even more so when I
haven't been able to find a solution browsing Google for countless
hours. Please, if this post lacks information, let me know and I'll post
whatever you need.

Thank you,

