On Friday 19 June 2009, 14:57 David Balažic wrote: > 2009/6/19 Benedikt Gollatz <ben@xxxxxxxxxxxxxxxxxxxxxxxxxx>: > > On Friday 19 June 2009, 14:03 David Balažic wrote: > >> One more thing: Where is the timeout for this set ? > > > > /proc/sys/net/netfilter/nf_conntrack_generic_timeout I presume. > > I have no netfilter dir under /proc/sys/net > > (linux 2.4) The connection tracking framework has changed somewhere around Linux 2.6.20, Linux 2.4 probably never adopted the new one. Before that, connection tracking somehow depended on the layer 3 protocol, so I don't know which timeout applies there. > > Why do you want to conntrack proto-41 packets at all? > > I don't. > That is why I started this thread: How do I make proto 41 not being > screwed by netfilter ? As I've told you before: By replacing your MASQUERADE rule with the one that you can find in the SixXS FAQ. Benedikt -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
