On Thu, 2004-10-14 at 08:17, Michael Hecker wrote: > However, when my line gets disconnected and reconnects again, the > entries in the cache are not flushed as expected. Now, the > masquerading of outbound traffic is done improperly. The outgoing > packets use the OLD IP-address, which was valid before the > disconnection of the dialup line and not the new one. I see exactly the same effect with GRE packets that make it out the default masq'd interface before the correct route for them is established. When the correct route comes up, the packets go there but continue to be source-NATed with the address of the incorrect masq-ing interface. It appears to be impossible to ever change a route after an ip_conntrack entry has been established, at least when NAT is involved. Is there a better source for information about the ip_conntrack module than this list? --- Les Mikesell les@xxxxxxxxxxxxxxxx
