How to debug RST filter ?

Hello,

we are using Debian 2.6.26-2-amd64 with a database server listening on 
tcp port 2638.
Usually everything works just fine, but sometimes we get connection 
errors on the server, and then, each time we see firewall entries like 
this in the syslog:


Feb  1 07:41:26 sv16 kernel: [34944777.631090] RULE 17 -- DENY IN= OUT=lo SRC=188.myip DST=188.myip LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=41562 DPT=2638 SEQ=1506091366 ACK=0 WINDOW=0 RES=0x00 RST URGP=0
Feb  1 07:41:29 sv16 kernel: [34944786.286850] RULE 17 -- DENY IN= OUT=lo SRC=188.myip DST=188.myip LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=41562 DPT=2638 SEQ=1506091366 ACK=0 WINDOW=0 RES=0x00 RST URGP=0

In the firewall we even have a rule which allows everything in/out on the 
lo interface.

It looks like there are some timeouts or state filters which do not work 
as intended by us.

Any ideas how I can debug this ?
I can't trace all the traffic on the lo interface, because there is 
quite heavy load/traffic
on that interface.

André
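
An added example, not part of the original post: a small Python parser for the firewall log format quoted above that groups the denied TCP RST segments by flow, so the affected ports can be read from syslog rather than from a capture of all traffic on lo. The sample input is the two quoted entries, each joined onto one line; the function names are this example's own.

```python
import re

# Constructed sample: the two log entries from the post, one entry per line.
SAMPLE = """\
Feb  1 07:41:26 sv16 kernel: [34944777.631090] RULE 17 -- DENY IN= OUT=lo SRC=188.myip DST=188.myip LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=41562 DPT=2638 SEQ=1506091366 ACK=0 WINDOW=0 RES=0x00 RST URGP=0
Feb  1 07:41:29 sv16 kernel: [34944786.286850] RULE 17 -- DENY IN= OUT=lo SRC=188.myip DST=188.myip LEN=40 TOS=0x00 PREC=0x00 TTL=64 ID=0 DF PROTO=TCP SPT=41562 DPT=2638 SEQ=1506091366 ACK=0 WINDOW=0 RES=0x00 RST URGP=0
"""

TCP_FLAGS = {"CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}
# Everything between the kernel timestamp and " IN=" is the rule's log prefix.
PREFIX = re.compile(r"kernel: \[\s*[\d.]+\] (?P<prefix>.*?) IN=")


def parse_line(line):
    """Split one firewall log line into prefix, KEY=value fields and TCP flags."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"prefix": m.group("prefix"), "flags": set()}
    for tok in line[m.end() - 3:].split():      # restart at the "IN=" token
        key, sep, val = tok.partition("=")
        if sep:
            rec[key] = val                      # "ACK=0" is the ack number field
        elif tok in TCP_FLAGS:
            rec["flags"].add(tok)               # bare "RST", "SYN", ... are flags
    return rec


def dropped_rst_flows(text):
    """Map (prefix, OUT, SRC, SPT, DST, DPT) to the SEQ values of logged RSTs."""
    flows = {}
    for line in text.splitlines():
        rec = parse_line(line)
        if rec and rec.get("PROTO") == "TCP" and "RST" in rec["flags"]:
            key = (rec["prefix"], rec.get("OUT"), rec.get("SRC"),
                   rec.get("SPT"), rec.get("DST"), rec.get("DPT"))
            flows.setdefault(key, []).append(rec.get("SEQ"))
    return flows


if __name__ == "__main__":
    for flow, seqs in dropped_rst_flows(SAMPLE).items():
        print(len(seqs), "logged RST(s)", flow, "SEQ:", sorted(set(seqs)))
```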