-----Original Message----- >But the SOURCE is dead! >[root@pollux conntrack-tools-0.9.13 ]# ping -w 3 192.168.14.57 >PING 192.168.14.57 (192.168.14.57) 56(84) bytes of data. >--- 192.168.14.57 ping statistics --- >4 packets transmitted, 0 received, 100% packet loss, time 2999ms >[root@pollux conntrack-tools-0.9.13 ]# > >Problem: >======== >In this situation the UDP traffic is flooded through our SWITCH >infrastructure! > > >Question: >========= >How can we avoid this? Manually work-around: - Option1: Change the state of the TCP established conntrack rule? - Option2: Insert/inject FIN packets with 'packit'? Ad Option1 "conntrack -D" does only some administration changes. To what state can we Change the rule to force disconnection of the TCP connection? Automatic work-around: - Monitor ICMP traffic (for instance with the nf_conntrack_rtsp module?) - Is there a solution available? GR, RG -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html