[Bug 1115] Not all packets leaving the system get masqueraded

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Thu Jan 26 23:01:11 CET 2017


https://bugzilla.netfilter.org/show_bug.cgi?id=1115

Pablo Neira Ayuso <pablo at netfilter.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |pablo at netfilter.org
             Status|NEW                         |ASSIGNED

--- Comment #1 from Pablo Neira Ayuso <pablo at netfilter.org> ---
Probably some packets are considered invalid by conntrack.

You can check if this is the case by enabling conntrack tcp logging:

# modprobe xt_LOG
# echo 6 > /proc/sys/net/netfilter/nf_conntrack_log_invalid

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20170126/70d652da/attachment.html>


More information about the netfilter-buglog mailing list