On Thu, 09 Jul 2009 17:34:37 +0200, Pascal Hambourg <pascal.mail@xxxxxxxxxxxxxxx> wrote: > Benedikt Gollatz a écrit : >> On Thu, 9 Jul 2009 15:06:52 +0200, David Balažic <xerces9@xxxxxxxxx> >> wrote: >> You need to accept proto-41 >> packets in the PREROUTING chain to stop the connection tracker from >> looking >> at them. > > Wrong. Connection tracking happens anyway. You'll have to tell that to the authors of the SixXS FAQ. > Anyway what David need is to allow 6in4 traffic from the tunnel > endpoint. This has nothing to do with connection tracking. Traffic passing through at first and after a certain time not being able to pass anymore is a classic symptom of problems with connection tracking. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
