On 16/09/10 17:55, Alex Bligh wrote: > ip_conntrack ditches packets for masquerading etc if their ip checksum > is wrong. > > Is it possible to disable this behaviour on kernel 2.6.18 (I know, it's > old)? I have something that like producing tcp packets with invalid > checksums. # echo 0 > /proc/sys/net/netfilter/nf_conntrack_checksum If you use ip_conntrack instead of nf_conntrack you have to set ip_conntrack_checksum to 0. # echo 0 > /proc/sys/net/ipv4/netfilter/ip_conntrack_checksum -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
