> On Wed, May 18, 2005 at 10:22:20AM +0400, Visham Ramsurrun wrote: > > Also, I wanted to know if connection tracking still works for a TCP > > connection where the SYN packet passes through stateful firewall FW1, > > the SYN/ACK packet passes through stateful firewall FW2, the ACK > > passes again through FW1 and the first data packet passes through FW2. > > Is the connection considered as ESTABLISHED at that point on both > > firewalls? > > absolutely not. What if I don't use the conntrack helper module for TCP and I use the default connection tracking mechanism of ip_conntrack. Then I'm sure it has to work. Just wasn't sure abt the TCP conntrack helper module.. Many thx for the reply... Best regards, Visham
