RE: conntrack generates UDP 'ghost traffic'

-----Original Message-----
>But the SOURCE is dead!
>[root@pollux conntrack-tools-0.9.13 ]# ping  -w 3 192.168.14.57
>PING 192.168.14.57 (192.168.14.57) 56(84) bytes of data.
>--- 192.168.14.57 ping statistics ---
>4 packets transmitted, 0 received, 100% packet loss, time 2999ms
>[root@pollux conntrack-tools-0.9.13 ]#
>
>Problem:
>========
>In this situation the UDP traffic is flooded through our SWITCH
>infrastructure!
>
>
>Question:
>=========
>How can we avoid this?

Manual work-around:
- Option1: Change the state of the TCP established conntrack rule?
- Option2: Insert/inject FIN packets with 'packit'?

Ad Option1
"conntrack -D" only makes some administrative changes. To what state can
we change the rule to force disconnection of the TCP connection?


Automatic work-around:
- Monitor ICMP traffic (for instance with the nf_conntrack_rtsp module?)
- Is there a solution available?


GR,
RG
