[Bug 1766] nfqueue randomly drops packets with same tuple
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Sun Sep 1 22:40:54 CEST 2024
https://bugzilla.netfilter.org/show_bug.cgi?id=1766
--- Comment #5 from Antonio Ojea <antonio.ojea.garcia at gmail.com> ---
The nftables rule does not detect the two packets from the same tuple as the
same connection
> ct state established,related accept
So, it seems the problem is that the same tuple gets DNATed to a different
address for each packet, but there is only one conntrack entry, so the return
packet is not able to be handled and is discarded
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240901/5b8b6978/attachment.html>
More information about the netfilter-buglog
mailing list