[Bug 400] connection tracking does not work on VLANs if underlying
interface is a bridge
bugzilla-daemon at bugzilla.netfilter.org
Mon Jan 30 18:31:48 CET 2006
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=400
------- Additional Comments From schulz at schwaar.com 2006-01-30 18:31 MET -------
Different "--log-prefix" of the rules (see below):
'P ' <=> PREROUTING
'1 ' <=> line 1 of INPUT
'3 ' <=> line 3 of INPUT
'5 ' <=> line 5 of INPUT
'O ' <=> line 1 of OUTPUT
Log of 'echo -e "GET / HTTP/1.0\n\n" | netcat 213.95.27.115 80' is attached
(LOG20060130).
roadwarrior:~# iptables -t mangle -L -nv
Chain PREROUTING (policy ACCEPT 34386 packets, 28M bytes)
 pkts bytes target prot opt in       out      source     destination
 1230  467K LOG    all  --  *        *        0.0.0.0/0  0.0.0.0/0    LOG flags 0 level 4 prefix `P '
roadwarrior:~# iptables -L INPUT -nv
Chain INPUT (policy ACCEPT 63075 packets, 38M bytes)
 pkts bytes target prot opt in       out      source     destination
   19  2284 LOG    all  --  vlan0075 *        0.0.0.0/0  0.0.0.0/0    LOG flags 0 level 4 prefix `1 '
   10  1828 ACCEPT all  --  vlan0075 *        0.0.0.0/0  0.0.0.0/0    state RELATED,ESTABLISHED
    9   456 LOG    all  --  vlan0075 *        0.0.0.0/0  0.0.0.0/0    LOG flags 0 level 4 prefix `3 '
   21   976 ACCEPT tcp  --  vlan0075 *        0.0.0.0/0  0.0.0.0/0    tcp flags:!0x17/0x02
    5   232 LOG    all  --  vlan0075 *        0.0.0.0/0  0.0.0.0/0    LOG flags 0 level 4 prefix `5 '
    0     0 ACCEPT udp  --  vlan0075 *        0.0.0.0/0  0.0.0.0/0    udp dpts:32768:61000
    1    28 ACCEPT icmp --  vlan0075 *        0.0.0.0/0  0.0.0.0/0
  113 24549 DROP   all  --  vlan0075 *        0.0.0.0/0  0.0.0.0/0
roadwarrior:~# iptables -L OUTPUT -nv
Chain OUTPUT (policy ACCEPT 32727 packets, 2963K bytes)
 pkts bytes target prot opt in       out      source     destination
   21  1241 LOG    all  --  *        vlan0075 0.0.0.0/0  0.0.0.0/0    LOG flags 0 level 4 prefix `O '