On Tue, 2006-02-14 at 13:16 +0900, Yasuyuki KOZAKAI wrote: > From: Yasuyuki KOZAKAI <yasuyuki.kozakai@xxxxxxxxxxxxx> > Date: Tue, 14 Feb 2006 13:03:15 +0900 (JST) > > > looks fine to me. I tested with recent kernel, same kernrel config, > > and same rules, but couldn't reproduce above log. > > > > Which version of kernel(or git commit id) and ip6tables ? > > And could you do > > echo 255 > /proc/sys/net/ipv4/netfilter/ip_conntrack_log_invalid > > Sorry, right sysctl is > > echo 255 > /proc/sys/net/netfilter/nf_conntrack_log_invalid Okay, seems there is an issue somewhere.. I'm using 2.6.16-rc3, and also had the same issue with -rc2. iptables is version 1.3.5. nf_ct_tcp: bad TCP checksum IN= OUT= SRC=2001:0200:0000:8002:0203:47ff:fea5:3085 DST=2001:0388:c17d:0000:020f:eaff:fe70:ebf9 LEN=80 TC=0 HOPLIMIT=56 FLOWLBL=525788 PROTO=TCP SPT=80 DPT=52498 SEQ=1589838125 ACK=2289866071 WINDOW=57344 RES=0x00 ACK SYN URGP=0 OPT (020405A0010303000101080A2DA73166049359BE) IP6-IN: IN=eth0 OUT= MAC=00:0f:ea:70:eb:f9:00:50:8d:e3:b5:89:86:dd SRC=2001:0200:0000:8002:0203:47ff:fea5:3085 DST=2001:0388:c17d:0000:020f:eaff:fe70:ebf9 LEN=80 TC=0 HOPLIMIT=56 FLOWLBL=525788 PROTO=TCP SPT=80 DPT=52498 WINDOW=57344 RES=0x00 ACK SYN URGP=0 Which is odd, without any ip6tables rules everything seems to work well. Thanks, Ben Skeggs. > > -- Yasuyuki Kozakai
