Thank you, Joe, for your response.

On 11/20/06, Flophouse Joe <flophousejoe-lartc-zvbbfzu@xxxxxxxxxxxxxxxx> wrote:
Have you considered testing any of the patches from netfilter's patch-o-matic?
I will consider doing just that.
There are two patches that seem promising. Quoting from the netfilter website:
http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-rtsp-conntrack
...
http://www.netfilter.org/patch-o-matic/pom-extra.html#pom-extra-sip-conntrack-nat
...

Thanks for the pointers. But I think my problem is really more basic. I only mentioned that it was SIP related for background. Let me try to restate my question:

Is it a common problem that inserting a rule after a (UDP) stream is established does not match the rule, even though the exact same rule for the exact same stream does match, as long as it is inserted before the first packet of the stream arrives?

If so (that it is a common, or at least known, problem), how does one overcome this problem? Is there a way to "disconnect" the stream, once the rule is installed, so that it can match?

Like I said in the original post, everything works right, as long as my rule wins the race with the first packet.

Any other hints most welcome; meanwhile I will examine the two patches mentioned.

Thanks,
Joe
Bob