24.09.2011, 17:59, "Hans de Bruin" <jmdebruin@xxxxxxxxx>:
> [22734.688709] CHAINv4=in_int IN=eth3 OUT=
> MAC=00:30:18:a6:c0:f2:00:0e:00:00:00:01:08:00 SRC=186.207.156.227
> DST=92.254.124.152 LEN=40 TOS=0x00 PREC=0x00 TTL=112 ID=27025 DF
> PROTO=TCP SPT=62434 DPT=16881 WINDOW=0 RES=0x00 RST URGP=0

This packet doesn't belong to any valid connection from conntrack's point of view. Maybe this RST is duplicated and the conntrack entry was destroyed a moment before.

You can use -m conntrack --ctstate INVALID to catch such packets.

--
wbr, Oleg.
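A triage helper for log lines like the one quoted in this message, added here as an example and not part of the original thread: it parses netfilter LOG output and counts logged TCP RST packets per flow, so repeated stray RSTs for one flow (the duplicate case suggested in the reply) stand out. The function names are hypothetical, and every sample line except the first is constructed.

```python
import re
from collections import Counter

# Tokens the LOG target prints without "=": IP bits (CE DF MF) and TCP flags.
FLAG_TOKENS = {"CE", "DF", "MF", "CWR", "ECE", "URG", "ACK", "PSH", "RST", "SYN", "FIN"}

def parse_log_line(line):
    """Split one LOG-target line into key=value fields and bare flag tokens."""
    # Drop the leading "[seconds.micros]" kernel timestamp if present.
    body = re.sub(r"^\s*\[\s*\d+\.\d+\]\s*", "", line.strip())
    fields, flags = {}, set()
    for token in body.split():
        if "=" in token:
            key, _, value = token.partition("=")
            fields[key] = value  # "OUT=" yields an empty string
        elif token in FLAG_TOKENS:
            flags.add(token)
    return fields, flags

def rst_flows(lines):
    """Count logged TCP RST packets per flow (SRC, SPT, DST, DPT)."""
    counts = Counter()
    for line in lines:
        fields, flags = parse_log_line(line)
        if fields.get("PROTO") == "TCP" and "RST" in flags:
            flow = tuple(fields.get(k, "") for k in ("SRC", "SPT", "DST", "DPT"))
            counts[flow] += 1
    return counts

# First entry is the line quoted in the thread; the other three are constructed.
SAMPLE = [
    "[22734.688709] CHAINv4=in_int IN=eth3 OUT= "
    "MAC=00:30:18:a6:c0:f2:00:0e:00:00:00:01:08:00 SRC=186.207.156.227 "
    "DST=92.254.124.152 LEN=40 TOS=0x00 PREC=0x00 TTL=112 ID=27025 DF "
    "PROTO=TCP SPT=62434 DPT=16881 WINDOW=0 RES=0x00 RST URGP=0",
    "[22801.104233] CHAINv4=in_int IN=eth3 OUT= SRC=198.51.100.7 DST=192.0.2.10 "
    "LEN=40 TTL=57 ID=0 DF PROTO=TCP SPT=40000 DPT=443 WINDOW=0 RES=0x00 RST URGP=0",
    "[22801.311870] CHAINv4=in_int IN=eth3 OUT= SRC=198.51.100.7 DST=192.0.2.10 "
    "LEN=40 TTL=57 ID=0 DF PROTO=TCP SPT=40000 DPT=443 WINDOW=0 RES=0x00 RST URGP=0",
    "[22802.000412] CHAINv4=in_int IN=eth3 OUT= SRC=198.51.100.9 DST=192.0.2.10 "
    "LEN=60 TTL=55 ID=4411 DF PROTO=TCP SPT=40001 DPT=22 WINDOW=64240 RES=0x00 SYN URGP=0",
]

if __name__ == "__main__":
    for flow, n in rst_flows(SAMPLE).most_common():
        print(n, "RST logged for", "%s:%s -> %s:%s" % flow)
```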