On Mon, 22 Sep 2003, Nigel Metheringham wrote: > Took a closer look. > If I put that mangle rule in then:- > * I see no ICMP packets on the wire between the originating box > and the linux g/w (tested in 2 places to make sure I don't have > any packet sniffing/netfilter interactions). Previously I saw > ICMP need frag packets as quoted above > * those icmp_reply log messages appear to fire on each and every > packet > > icmp_reply: outer SRC -> 192.168.50.119 > icmp_reply: inner DST -> 192.168.50.119 1500 Uhm, let me see if I got this right... If you add that mangle rule you don't see any icmp packets on the wire but you see the icmp_reply messages? Or do you see those messages when you don't have the rule and thus see the icmp packets? /Martin
