[Bug 464] state match sometimes failes RELATED,ESTABLISHED matches
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Sat Apr 15 17:45:49 CEST 2006
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=464
------- Additional Comments From joerg at dorchain.net 2006-04-15 17:45 MET -------
I checked again. BTW, I am now running 2.6.16.
With the log_invalid setting as proposed, I did not see anything in the logs.
Nevertheless the counter for the work-around rule increases.
I found a website that reliably triggers the effect for me is sipgate.de, the
login form which changes to https (A VoIP provider, standard service is free of
charge, includes a german dial-in number, not need to give more details than a
street address, in case you want to test them). For obscure reasons, the first
https packet that arrives from the server is not matched as related or
established, although at least in a tcpdump my https syn packet goes out first
(what else). All other packets of the connection are threaded as established.
Maybe it is a timing issue or clamp-mss related?
Bye,
Joerg
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
More information about the netfilter-buglog
mailing list