Re: Update delay when using nat table?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 12.03.2010 04:56, netfilter-owner@xxxxxxxxxxxxxxx wrote:
>> On 11.03.2010 19:41, netfilter-owner@xxxxxxxxxxxxxxx wrote:
>>> ipset looks intresting but I've no experience of patching the kernel. I
>>> did run an aptitude install ipset.
>>>
>>> ipset -H
>>> I'm of protocol version 2.
>>> Kernel module is not loaded in, cannot verify kernel version.
>>> ipset v2.5.0
>>> ...
>>>
>>> What needs to be done here? I've tried googling around but there's not
>>> that much information available.
>>>
>>
>> Please switch to bottom posting...
>>
>> If on debian, you may need to install netfilter-extensions-modules.
>>
>> Mart
>> -- 
>> To unsubscribe from this list: send the line "unsubscribe netfilter" in
>> the body of a message to majordomo@xxxxxxxxxxxxxxx
>> More majordomo info at  http://vger.kernel.org/majordomo-info.html
> 
> ----- Original Message ----- From: "Mart Frauenlob"
> <mart.frauenlob@xxxxxxxxx>
> To: <netfilter@xxxxxxxxxxxxxxx>
> Sent: Thursday, March 11, 2010 10:59 PM
> Subject: Re: Update delay when using nat table?
> 
> Ok, sorry.
> 
> The only package like that is:
> netfilter-extensions-source                                            -
> source for netfilter kernel modules derived from patch-o-matic-ng
> 
> Source files only I guess.

eris:~# aptitude search "netfilter-extensions*"
v   netfilter-extensions-modules
       -
i   netfilter-extensions-modules-2.6.26-2-686
       - netfilter-extensions modules for Linux (kernel 2.6.26-2-686).
i   netfilter-extensions-source
       - source for netfilter kernel modules derived from patch-o-matic-ng

those are what I have on debian 5.0.4.

> 
> ---
> 
> However, i did get conntrack to work. Running this command after i've
> updated iptables does the trick:
> conntrack -D -p udp --dport 777 --src x.x.x.x
> 
> This might seem like a noob question. But isn't UDP connectionless?
> Why/How does it keep track of those connections?

http://www.frozentux.net/iptables-tutorial/iptables-tutorial.html#STATEMACHINE


Regards

Mart
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux