[Bug 448] IPv6 conntrack does not work on a tunnel interface
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Sat Feb 18 21:36:29 CET 2006
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=448
------- Additional Comments From p167v76dkmomieumt9aoacs372 at dgd.no-ip.com 2006-02-18 21:36 MET -------
(In reply to comment #4)
> Does "echo 255 >/proc/sys/net/netfilter/nf_conntrack_log_invalid" show anything?
>
I get entries like the following. All of the following packets eventually go out
tun6 then out br0 (encapsulated in an IPv4 packet):
There are no entries for returning packets, although those returning packets are
matched by --state INVALID
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=72 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603113 ACK=3672553383 WINDOW=1420 RES=0x00
ACK URGP=0 OPT (0101080A03E2B59403C8B02A) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=494 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603113 ACK=3672553383 WINDOW=1420 RES=0x00
ACK PSH URGP=0 OPT (0101080A03E2B59503C8B02A) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=72 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603535 ACK=3672554209 WINDOW=1833 RES=0x00
ACK URGP=0 OPT (0101080A03E2B64003C8B03B) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=72 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603535 ACK=3672554248 WINDOW=1833 RES=0x00
ACK URGP=0 OPT (0101080A03E2B64A03C8B03D) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=84 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603535 ACK=3672554248 WINDOW=1833 RES=0x00
ACK URGP=0 OPT (0101080A03E2B64D03C8B03D0101050ADAE6C608DAE6CA29) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=92 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603535 ACK=3672554591 WINDOW=2437 RES=0x00
ACK URGP=0 OPT
(0101080A03E2B65703C8B03E01010512DAE6B7A7DAE6BB08DAE6C608DAE6CA29) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=84 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603535 ACK=3672555799 WINDOW=3041 RES=0x00
ACK URGP=0 OPT (0101080A03E2B65703C8B03E0101050ADAE6C608DAE6CA29) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=84 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603535 ACK=3672557007 WINDOW=3645 RES=0x00
ACK URGP=0 OPT (0101080A03E2B65703C8B03E0101050ADAE6C608DAE6CA29) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=84 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603535 ACK=3672558121 WINDOW=4249 RES=0x00
ACK URGP=0 OPT (0101080A03E2B65803C8B03E0101050ADAE6C608DAE6CA29) UID=1001
Feb 18 14:21:58 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=72 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52163 DPT=80 SEQ=1141620617 ACK=2980332136 WINDOW=1420 RES=0x00
ACK URGP=0 OPT (0101080A03E2B6E803C8B04C) UID=1001
Feb 18 14:22:14 gamma kernel: printk: 17 messages suppressed.
Feb 18 14:22:14 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=72 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603890 ACK=3672563210 WINDOW=6665 RES=0x00
ACK URGP=0 OPT (0101080A03E2F2F703C8B64A) UID=1001
Feb 18 14:22:28 gamma kernel: nf_ct_tcp: invalid state IN= OUT=
SRC=2002:4071:4c37:0000:0000:0000:0000:0001
DST=2001:06b0:0001:00ea:0202:a5ff:fecd:13a6 LEN=72 TC=0 HOPLIMIT=64 FLOWLBL=0
PROTO=TCP SPT=52162 DPT=80 SEQ=1152603890 ACK=3672563210 WINDOW=6665 RES=0x00
ACK FIN URGP=0 OPT (0101080A03E32AC603C8B64A) UID=1001
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
More information about the netfilter-buglog
mailing list