[Bug 464] state match sometimes failes RELATED,ESTABLISHED matches

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Sun Jul 16 18:53:40 CEST 2006


https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=464





------- Additional Comments From netfilter at linuxace.com  2006-07-16 18:53 MET -------
(In reply to comment #28)
> So, ip_conntrack_tcp_be_liberal should default to 1

No, it should be 1 only if you are behind broken routers or firewalls.  Most of
the world is not, and enabling TCP window tracking by default is a good security
measure.  I'm afraid this will not change.


-- 
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.



More information about the netfilter-buglog mailing list