conntrack has problems with syn-ack-psh set


 



I am having a problem getting iptables to work with a brain-dead Linksys print server. After it receives a SYN packet it sends a SYN-ACK-PSH packet. Is PSH allowed here? The conntrack can't find a match and the packet is INVALID. No connection.

My firewall looks like this, please forgive wraparound, spelling, ...
eth1 net
eth0 local


$IPT -t nat -A PREROUTING -i eth1 -p tcp --dport 9100 -j DNAT --to-destination 192.168.0.49


$IPT -t nat -A POSTROUTING -o eth1 -j MASQUERADE

$IPT -A FORWARD -i eth0 -m state --state INVALID -j DROP


Do I have to mangle the packet first to get rid of the push flag? How? Is this a feature of iptables?

shaun


