Thread (13 messages) 13 messages, 2 authors, 2008-05-29

Re: DNAT sporadically doesn't replace destination IP address

From: Patrick McHardy <hidden>
Date: 2008-05-22 16:29:26
Also in: netfilter-devel 

Kris Op de Beeck wrote:
quoted
quoted
quoted
On 22/05/2008 at 17:28, in message [ref], Patrick
McHardy [off-list ref] wrote:
quoted
quoted
[  927.204000] nf_ct_tcp: invalid SYNIN= OUT= SRC=192.168.1.30 DST=10.9.9.29 
LEN=60 TOS=0x00 PREC=0x00 TTL=64 ID=25745 DF PROTO=TCP SPT=52775 DPT=80 
SEQ=2154890499 ACK=0 WINDOW=5840 RES=0x00 SYN URGP=0 OPT 
(020405B40402080A000264810000000001030307) UID=1000
quoted
For those DST ip addresses I've got failures
Which kernel is this test running on? That message
is gone since 2.6.22.
s3p@burnin:~$ uname -a
Linux burnin 2.6.22-14-generic #1 SMP Sun Oct 14 23:05:12 GMT 2007 i686 GNU/Linux

This was the config where I detected the problem. (Ubuntu 7.10)

I didn't find the reason why your kernel even has that message
(didn't try to hard though). Could you rerun the test with a
more current kernel, like 2.6.24 or 2.6.25 please?
  



    
  

  
    

      

        Keyboard shortcuts
      

      

        
          
hback out one level

          
jnext message in thread

          
kprevious message in thread

          
ldrill in

          
Escclose help / fold thread tree

          
?toggle this help