Kernel >= 2.6.5, ip_conntrack and udp traffic

All of lore.kernel.org
 help / color / mirror / Atom feed

* Kernel >= 2.6.5, ip_conntrack and udp traffic
@ 2004-08-12  7:56 Sander Smeenk
  0 siblings, 0 replies; only message in thread
From: Sander Smeenk @ 2004-08-12  7:56 UTC (permalink / raw)
  To: netfilter

Hello,

I am one of the few people experiencing problems with UDP traffic being
connection tracked and somehow causing the iptables code to start
blurting out:

Aug  5 12:56:48 valor kernel: ip_conntrack_in: Frag of proto 17 (hook=0)
Aug  5 12:56:48 valor kernel: NF_IP_ASSERT:
net/ipv4/netfilter/ip_nat_standalone.c:83(ip_nat_fn)
Aug  5 12:56:48 valor kernel: ip_conntrack_in: Frag of proto 17 (hook=0)

When I try to access my sfs mounts. Google shows this has to do with a
NFS mount to localhost, with r/wsize set to >8192 bytes.

Is sfs/nfs behaving badly, or is the iptables core?

Previously, with kernels < 2.6.8-rcN, I could 'work around' this problem
by not-tracking UDP traffic, but this doesn't seem to work anymore with
the newest kernels...

There's not a lot of information in google about this problem. Am I one
of the few that experience this?

Kind regards,
Sander.

-- 
| Where are the first 6-up's ?
| 1024D/08CEC94D - 34B3 3314 B146 E13C 70C8  9BDB D463 7E41 08CE C94D

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2004-08-12  7:56 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-08-12  7:56 Kernel >= 2.6.5, ip_conntrack and udp traffic Sander Smeenk

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.