Afi Gjermund wrote:
> On Thu, Feb 18, 2010 at 10:07 AM, Eric Dumazet <eric.dumazet@xxxxxxxxx> wrote:
>>>>> Shouldn't the value after the flush be 0? The traffic that has created
>>>>> this mess is from a REDIRECT rule in the PREROUTING chain of the 'nat'
>>>>> table.
>>>> Could you post a copy of these rules?
>>>>
>>> iptables -t nat -A PREROUTING -p tcp -s X.X.X.X -d X.X.X.X --sport X
>>> --dport X -j REDIRECT --to-port X
>> Yes I understood you were using such rules, but I cannot understand how
>> it can trigger without real nics being plugged. So I asked you some
>> details, apparently you don't want to provide them and prefer to hide from
>> us :)
>>
> Lol, sorry. The X values are dynamic and depend on what network the
> device happens to be on, as well as the ephemeral source port.
>
> iptables -t nat -A PREROUTING -p tcp -s 172.168.8.45 -d 172.168.8.200
> --sport 4351 --dport 4500 -j REDIRECT --to-port 45001

NAT is unlikely to be the cause since it's widely used and there are no
other reports of leaks. Please describe your full setup, especially
things like traffic scheduling, network devices, userspace queueing
etc etc.