On Thu, 13 Jul 2006, Arno van Amersfoort wrote: > Just did some more investigation. Didn't test with tcpdump yet as this > issue is not reproducable easiely :-S Anyway it turns out that the > packets shown have state "INVALID" (opposed to ESTABLISHED or NEW). So > somehow iptables "thinks" they no longer belong to a connection > (somehow).... If you enabled logging invalid packets, then the kernel would produce log lines why those packets were categorized as INVALID. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
