Incoming packet in wrong chain

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi!

I got Kernel 2.6.22 und do some Masquerade for my Windows boxes.

My problem get visible in this rule:
Chain INPUT (policy DROP 0 packets, 0 bytes)
113 87963 DROP_LOG 0 --  ppp0 * 0.0.0.0/0 0.0.0.0/0 state NEW

This rule is at bottom of my INPUT-Chain.

Kernel says:
DROP: IN=ppp0 OUT= MAC= SRC=217.13.68.183 DST=91.xx.xx.xx LEN=58 TOS=0x00 PREC=0x00 TTL=59 ID=55058 DF PROTO=TCP SPT=80 DPT=2409 WINDOW=14520 RES=0x00 ACK URGP=0

This ACK packet belongs to surfing WWW and should never get into INPUT-Chain. The problem occurs randomly.
Is this a bug? A why hit a rule for SYN packets at ACK packets?

-- 
Jetzt 1 Monat kostenlos! GMX FreeDSL - Telefonanschluss + DSL 
für nur 17,95 Euro/mtl.!* http://dsl.gmx.de/?ac=OM.AD.PD003K11308T4569a
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux