Thanks a lot Mart I found that parameter in Centos5 with: #> cat /proc/sys/net/ipv4/netfilter/ip_conntrack_udp_timeout 30 This means that the connections UDP of my vpnclients will keep trying connect to Firewall until finish this time 30 minutes....despite I have my PREROUTING rule stating redirect that traffic UDP to the server VPN behind the Firewall?? This is the cause of the problem?? Thanks, I hope your comments to schedule this work at night with my firewall I hope to fix this soon as possible Thanks List for your assistance -- Angel 2010/3/18 Mart Frauenlob <mart.frauenlob@xxxxxxxxx>: > On 18.03.2010 06:59, angelmotta@xxxxxxxxx wrote: > >> One question, I donde have that file >> /proc/sys/net/netfilter/nf_conntrack_udp_timeout* >> I don't have netfilter directory, where is that ?? >> > > on older systems it used to be in: > /proc/sys/net/ipv4/ > > and maybe also was named with the ip_* prefix, not with nf_*. > > to look for it yourself, you could have done something like: > find /proc/sys/ -name netfilter -type d > or > find /proc/sys/ -name '*conntrack*' > ... > > Best regards > > Mart > -- > To unsubscribe from this list: send the line "unsubscribe netfilter" in > the body of a message to majordomo@xxxxxxxxxxxxxxx > More majordomo info at http://vger.kernel.org/majordomo-info.html > -- Atte Angel Motta Paz -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
