Cedric Blancher wrote: > > Also check if your conntrack table is not full (see > /proc/net/ip_conntrack file) and kernel log entries for some related > errors. Had a look and no errors were logged in that file. Also, is my rule overkill in the sense that specifying all three of NEW, ESTABLISHED and RELATED states is not necessary. I could get away with just NEW and RELATED? thanks, Jean-Christian Imbeault
