I'm not sure if previous message was delivered to the list members (I don't see it on web archive). So once again: št 19. 8. 2021 o 19:03 Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> napísal(a): > > Better if you integrate it into the existing plugin. > > Please, go ahead post it for review, it might just need a few > iterations before it gets merged into master. > > Thanks. Okay, I will prepare my first ever patch to open source world :) I just found an another strange behaviour of conntrack. I'm mirroring port on switch and mirrored data are coming to Linux server. That port on server is in bridge. In nftables I created table bridge filter with some CT rule to enable connection tracking on bridge. As I found I had to add another dummy interface to bridge, because conntrack was not working at all, if just one port in bridge. Now I see conntrack entries but all of them as UNREPLIED and just one way byte/packet counters are increasing (see attachment). Is it because the both ways are coming to server on the same port? Any easy workaround? https://drive.google.com/file/d/1-aIXA13IicHcKHIaxkC1Hz2tRckU3YDm/view?usp=sharing
