On 26/04/2010 21:28, Pascal Hambourg wrote:
Could you capture the time query and reply packets (port 37) with a packet sniffer such as tcpdump or wireshark ?
Yes, I just tried that, and I think it shows the problem. It turns out that a TIME request is being made to IP A, but the response is coming from IP B! So I'm not surprised iptables isn't matching it as established or related.
That leads me to ask, who is in the wrong? Should iptables be matching the response, should the TIME server be responding with the address from which it receives a query, or is it my fault for not knowing that a request/response IP mismatch is legal behaviour and crafting an appropriate rule?
Cheers, Eric -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
