[Bug 625] IN/SRC, OUT/DST, SPT/DPT are backwards in LOG when used with a VLAN
bugzilla-daemon at bugzilla.netfilter.org
Wed Dec 16 20:19:16 CET 2009
http://bugzilla.netfilter.org/show_bug.cgi?id=625
kernel at linuxace.com changed:
           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |kernel at linuxace.com
             Status|NEW                         |RESOLVED
         Resolution|                            |INVALID
------- Comment #2 from kernel at linuxace.com 2009-12-16 20:19 -------
There is absolutely nothing wrong with iptables here - only your understanding
of what is occurring. Note in each logged packet the flags "ACK SYN" are
present, meaning this is a _RESPONSE_ to your request. As such, the in/out &
src/dst are 100% accurate.
As further evidence, look at the source port in the SMTP log entry: "SPT=25
DPT=49709" which shows the server is responding from its port 25 to your
ephemeral port.
You probably are missing a "-m state --state ESTABLISHED,RELATED" at the top of
your ruleset. Regardless, such a user error is not a bug, and this bug will be
closed. If you have further questions, ask for assistance on the iptables
_USER_ mailing list.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
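
An added example, not part of the original bug comment or of netfilter's code: a small Python parser for LOG-target lines that uses the TCP flags to tell a request from its reply, which is the check the comment applies. The log lines, addresses and the VLAN interface name are constructed; only SPT=25/DPT=49709 and the "ACK SYN" flags come from the comment.

```python
import re

# Constructed sample LOG lines (documentation addresses, assumed interface
# eth0.10); only SPT=25/DPT=49709 and "ACK SYN" are taken from the comment.
SAMPLE_LOG = """\
kernel: IN=eth0.10 OUT= SRC=192.0.2.25 DST=198.51.100.7 LEN=60 TTL=52 PROTO=TCP SPT=25 DPT=49709 WINDOW=5792 RES=0x00 ACK SYN URGP=0
kernel: IN= OUT=eth0.10 SRC=198.51.100.7 DST=192.0.2.25 LEN=60 TTL=64 PROTO=TCP SPT=49709 DPT=25 WINDOW=5840 RES=0x00 SYN URGP=0
kernel: IN=eth0.10 OUT= SRC=192.0.2.25 DST=198.51.100.7 LEN=52 TTL=52 PROTO=TCP SPT=25 DPT=49709 WINDOW=91 RES=0x00 ACK URGP=0
"""

FIELD_RE = re.compile(r"\b([A-Z]+)=(\S*)")           # KEY=value, value may be empty
FLAGS_RE = re.compile(r"RES=\S+\s+(.*?)\s*URGP=")    # bare flag words before URGP=
TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}


def parse_log_line(line):
    """Return (fields, flags) for one LOG line."""
    fields = dict(FIELD_RE.findall(line))
    match = FLAGS_RE.search(line)
    flags = set(match.group(1).split()) & TCP_FLAGS if match else set()
    return fields, flags


def classify(line):
    """Label a TCP packet by its role in the handshake."""
    fields, flags = parse_log_line(line)
    if fields.get("PROTO") != "TCP":
        return "not-tcp"
    if {"SYN", "ACK"} <= flags:
        return "handshake-reply"      # SYN-ACK: SRC/SPT belong to the server
    if "SYN" in flags:
        return "new-request"          # bare SYN: SRC/SPT belong to the client
    return "established-traffic"


def reply_endpoints(line):
    """For a SYN-ACK, return ((server_ip, port), (client_ip, port)), else None."""
    if classify(line) != "handshake-reply":
        return None
    f, _ = parse_log_line(line)
    return (f["SRC"], int(f["SPT"])), (f["DST"], int(f["DPT"]))


if __name__ == "__main__":
    for entry in SAMPLE_LOG.splitlines():
        print(classify(entry), reply_endpoints(entry))
```
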