On Mon, 9 Jun 2008, Thomas Bätzler wrote: > Jozsef Kadlecsik wrote: > > Then the best were if you could capture a full TCP session by > > tcpdump and send it so that we could replay and analyze the traffic. > > I've uploaded an archive to http://baetzler.de/sandbox/dump.tar.bz2. > There is a complete tcp session of a file upload and a second dump > that contains a segment from that connection that was IMHO erroneously > logged/dropped by a rule that filters by state INVALID in the > PREROUTING chain of the mangle table. In the first dump there is no dropped packet and the second one contains a single packet. Neither of the dumps help. I need a full record of a TCP session in which packets were marked as INVALID. If you can attach the log record, that'd be even better. Best regards, Jozsef - E-mail : kadlec@xxxxxxxxxxxxxxxxx, kadlec@xxxxxxxxxxxx PGP key : http://www.kfki.hu/~kadlec/pgp_public_key.txt Address : KFKI Research Institute for Particle and Nuclear Physics H-1525 Budapest 114, POB. 49, Hungary
