vDev <vijaypas@xxxxxxxxx> wrote:
> I am experiencing a problem with Linux as a NAT router. A host/client
> on the private LAN establishes a TCP connection to a server on the WAN
> (Internet) through the Linux/NAT router. Here's what happens when
> client attempts to tear down the socket.
>
> 1. Client on private LAN opens a TCP connection to the remote server
> on the public network through Linux/NAT router.
> 2. Client exchanges data with the remote server.
> 3. The server closes the TCP connection by sending a FIN to the
> client. Linux/NAT router successfully forwards the FIN to the client.
> 4. The client now sends an ACK to FIN to the remote host, which is
> forwarded by the Linux/NAT router to the server.
> 5. The client then sends a FIN to the remote host, which is forwarded
> by the Linux/NAT router to the remote server.
> 6. The server now sends an ACK to the client. THE Linux/NAT router
> DOES NOT FORWARD THE ACK TO THE CLIENT. GETS DROPPED!

Any chance to get a tcpdump of such a connection?
(Dumping on the interface in direction of the server, so we can
see the server ACK that is being dropped).