Sometimes I get an infinite flood of 52-byte netlink packets, every time
I call recv() on the queue fd. I have ip6tables configured to only queue
up certain TCP packets on port 25:
ip6tables -I INPUT -i eth0 -p tcp -m tcp --dport 25 \
--tcp-flags FIN,SYN,RST,ACK SYN -j QUEUE
ip6tables -nvL during this flood doesn't show the number of packets
increasing, so I don't know where the traffic is coming from. If I remove
the rule once the flood has started, packets keep coming even though there
is no QUEUE rule left!
Messages with TCP/IPv4 are 100 bytes, and TCP/IPv6 are 120, so it's a lot
smaller than those. Calling nfq_handle_packet() on them returns -1.
Where do these packets come from, and how do I get rid of them?
Thanks,
Sean Palmer
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
