Issue related to conntrack while insert new rule with conntrack command in linux

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hello,
I read conntrack document that you wrote about connection tracking. That is great. I have a issue while i am working on it. For example i just want add new rule like this: conntrack -I -p udp -s 192.168.122.242 -d 192.168.122.103 --sport 5070 --dport 5005 -r 192.168.122.1 -q 192.168.122.103 --reply-port-src 1111 --reply-port-dst 2222 --timeout 30 

But it doen't work.
if i insert these two rule in iptable, the same above rule will insert in conntrack table automatically and work correctly. iptables -t nat -A PREROUTING -i eth0 -p udp -s 192.168.122.242 --dport 5005 -j DNAT --to 192.168.122.1:1111
iptables -t nat -A POSTROUTING -p udp --dport 1111 -j SNAT --to 192.168.122.103:2222 
Who can i solve this problem?
With Best regards
[Index of Archives]     [Netfitler Users]     [Berkeley Packet Filter]     [LARTC]     [Bugtraq]     [Yosemite Forum]

  Powered by Linux