[Bug 443] 2.6 kernel failing in NAT with significant outbound traffic

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Mon Feb 20 22:48:30 CET 2006


------- Additional Comments From nothingel at hotmail.com  2006-02-20 22:48 MET -------
I did some more digging and kernel-2.6.8 works as expected but 2.6.9 breaks.

After reading through the Changelog for 2.6.9
(http://www.kernel.org/pub/linux/kernel/v2.6/ChangeLog-2.6.9), I noticed the
option "ip_conntrack_tcp_be_liberal".

"echo 1 > /proc/sys/net/ipv4/netfilter/ip_conntrack_tcp_be_liberal" causes the
problem to be resolved.

When set to 0 (the default), the problem is manifested.

Can anyone shed more light on this "liberal" option?  What is it's intended use?
 Apparently it does more harm than good for me.

Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.

More information about the netfilter-buglog mailing list