Re: Aren't these connections ESTABILISHED? (2nd take)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Gioele Barabucci <dev@xxxxxxxxxxxxxxxxxxx>
Subject: Re: Aren't these connections ESTABILISHED? (2nd take)
From: Henrik Nordstrom <hno@xxxxxxxxxxxxxxx>
Date: Sun, 2 Oct 2005 04:02:47 +0200 (CEST)
Cc: netfilter@xxxxxxxxxxxxxxxxxxx
In-reply-to: <dhmn38$hsk$1@xxxxxxxxxxxxx>
References: <dhmn38$hsk$1@xxxxxxxxxxxxx>
Sender: netfilter-bounces@xxxxxxxxxxxxxxxxxxx

On Sat, 1 Oct 2005, Gioele Barabucci wrote:

Postfix does some DNS lookups on the DNS server (69.93.28.254). After a bit,
iptables forget that the connection is ESTABILISHED and DROPs the reply.

Probably hits the UDP conntrack timeout. The default is only 30 seconds toreceive a reply to the initial packet, and DNS can take longer..


Regards
Henrik

Follow-Ups:
- Re: Aren't these connections ESTABILISHED? (2nd take)
  - From: Gioele Barabucci

References:
- Aren't these connections ESTABILISHED? (2nd take)
  - From: Gioele Barabucci

Prev by Date: Re: Aren't these connections ESTABILISHED? (2nd take)
Next by Date: Re: NAT/POSTROUTING rules doesn't match packets
Previous by thread: Re: Aren't these connections ESTABILISHED? (2nd take)
Next by thread: Re: Aren't these connections ESTABILISHED? (2nd take)
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux