Hello, Nikolay S. Rybaloff a écrit :
If you are talking about netbios name resolution via UDP:137, than this is a bit more complex. These packets are mostly network-directed broadcasts so AFAIK state rule is not created for them and reply packets look like NEW.
Actually the default netfilter UDP conntrack doesn't care about broadcast addresses and will create en entry after the initial netbios request to the broadcast address. But the reply from a different (unicast) address won't match the conntrack entry.
-- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
