Re: ip6tables icmp conntracking on 2.6.18 vs 2.6.24

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

also sprach martin f krafft <madduck@xxxxxxxxxxx> [2008.04.02.2326 +0200]:
>   -P INPUT DROP
>   -P FORWARD DROP
>   -P OUTPUT ACCEPT
> 
>   -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
>   -A INPUT -j LOG --log-prefix "[INPUT6]: "

This seems to apply to all kinds of connections. If I make an
outgoing SSH connection, the SYN,ACK packet from the peer is
logged and dropped instead of accepted.

Is IPv6 connection tracking on 2.6.18 just broken?

-- 
martin | http://madduck.net/ | http://two.sentenc.es/
 
"sailing is, after all, a kind of grace, a kind of magic."
                                                        -- phil berman
 
spamtraps: madduck.bogus@xxxxxxxxxxx

Attachment: digital_signature_gpg.asc
Description: Digital signature (see http://martin-krafft.net/gpg/)

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux