Hi All,

Over the holiday I upgraded to:

    Netfilter v1.4.14
    OS 3.6.10-2.fc17.i686

I have the following in my rules:

    -A PREROUTING -i p1p1 -p tcp --dport 4800 -j DNAT --to 192.168.1.253
    ...
    -A FORWARD -i p1p1 -o em1 -d 192.168.1.253 -p tcp --syn -m connlimit --connlimit-above 1 -j LOG --log-prefix " MultiIP "
    -A FORWARD -i p1p1 -o em1 -d 192.168.1.253 -p tcp --syn -m connlimit --connlimit-above 1 -j REJECT --reject-with tcp-reset

With the old OS - I would see the above log entry some of the time and assumed that the packet was dropped.

With the NEW OS - I am not seeing anything. conntrack shows incoming and outgoing ( conntrack -L ) but the filter is not logging or rejecting any of the connections.

What am I missing?

Oh, folks connect on tcp 4800, then get a UDP port from the endpoint application. I can view the endpoint application and see multiple connections from the same IP.

Thanks and Happy New Year!

todh

--
Todd Hackett
Chief Bottle Washer
PoBox 1168
Libby, MT 59923
406.293.3843
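An added example, not part of the original post: a cross-check that counts live TCP connections per client to the DNAT target from `conntrack -L` output, so the result can be compared with what the `--connlimit-above 1` rules log. The sample lines and their addresses are constructed, and treating TIME_WAIT and CLOSE entries as not live is an assumption of this sketch.

```python
import re
from collections import Counter

BACKEND = "192.168.1.253"  # DNAT target from the rules in the post
PORT = 4800                # TCP port clients connect to
LIMIT = 1                  # mirrors --connlimit-above 1

# Constructed sample of `conntrack -L` output (documentation address ranges).
SAMPLE = """\
tcp      6 431990 ESTABLISHED src=203.0.113.5 dst=192.0.2.1 sport=51000 dport=4800 src=192.168.1.253 dst=203.0.113.5 sport=4800 dport=51000 [ASSURED] mark=0 use=1
tcp      6 431995 ESTABLISHED src=203.0.113.5 dst=192.0.2.1 sport=51001 dport=4800 src=192.168.1.253 dst=203.0.113.5 sport=4800 dport=51001 [ASSURED] mark=0 use=1
tcp      6 100 TIME_WAIT src=203.0.113.5 dst=192.0.2.1 sport=50990 dport=4800 src=192.168.1.253 dst=203.0.113.5 sport=4800 dport=50990 [ASSURED] mark=0 use=1
tcp      6 431000 ESTABLISHED src=198.51.100.77 dst=192.0.2.1 sport=40000 dport=4800 src=192.168.1.253 dst=198.51.100.77 sport=4800 dport=40000 [ASSURED] mark=0 use=1
udp      17 170 src=203.0.113.5 dst=192.0.2.1 sport=6000 dport=30000 src=192.168.1.253 dst=203.0.113.5 sport=30000 dport=6000 [ASSURED] mark=0 use=1
"""

TUPLE = re.compile(r"src=(\S+) dst=(\S+) sport=(\d+) dport=(\d+)")
CLOSED = {"TIME_WAIT", "CLOSE"}  # assumption: these do not count as live


def live_connections(text, backend=BACKEND, port=PORT):
    """Return Counter of client IP -> live TCP connections to backend:port."""
    counts = Counter()
    for line in text.splitlines():
        fields = line.split()
        # TCP lines read: proto, proto number, timeout, state, tuples...
        if len(fields) < 4 or fields[0] != "tcp" or fields[3] in CLOSED:
            continue
        tuples = TUPLE.findall(line)
        if len(tuples) != 2:
            continue
        orig, reply = tuples
        # With DNAT the original tuple keeps the public destination; the
        # backend only shows up as the source of the reply tuple.
        if reply[0] == backend and int(reply[2]) == port:
            counts[orig[0]] += 1
    return counts


def over_limit(text, limit=LIMIT):
    """Clients holding more live connections than the connlimit threshold."""
    return {ip: n for ip, n in live_connections(text).items() if n > limit}


if __name__ == "__main__":
    for ip, n in sorted(over_limit(SAMPLE).items()):
        print(f"{ip}: {n} live connections to {BACKEND}:{PORT}")
```

On the firewall, the output of `conntrack -L` can be passed to `over_limit()` in place of `SAMPLE`.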