From: Victor Julien <victor@nk.nl>
To: Patrick McHardy <kaber@trash.net>
Cc: Netfilter Developers List <netfilter-devel@lists.netfilter.org>
Subject: Re: Patch for H323 connection tracking for kernel 2.6.14 and Panic with SIP tracking
Date: Fri, 06 Jan 2006 13:18:33 +0100 [thread overview]
Message-ID: <43BE6019.2020804@nk.nl> (raw)
In-Reply-To: <43BE5B0F.8010406@trash.net>
> Try to find out if the expectations ports are correct by logging
> the incoming traffic or using tcpdump.
>
When making a call:
# cat /proc/net/ip_conntrack_expect
174 proto=17 src=217.66.118.164 dst=80.126.43.45 sport=0 dport=7071
174 proto=17 src=192.168.1.1 dst=192.168.1.2 sport=0 dport=8000
tcpdump:
13:05:46.220869 IP 192.168.1.2.8000 > 192.168.1.1.7072: UDP, length: 172
syslog:
Jan 6 13:05:46 sanctorium kernel: vrmr: REJECT reject-in IN=eth0 OUT=
MAC=aa:00:04:00:0a:04:00:90:27:57:31:29:08:00 SRC=192.168.1.2
DST=192.168.1.1 LEN=200 TOS=0x00 PREC=0x00 TTL=64 ID=401 DF PROTO=UDP
SPT=8000 DPT=7072 LEN=180
REJECT is the default policy for lan to firewall traffic.
Can it be that the expectation direction is wrong?
dropped traffic is src 192.168.1.2:8000 to dst 192.168.1.1:7072
expect is src 192.168.1.1 to dst 192.168.1.2:8000
On the other hand, the dropped traffic looks the same as the
expectation, only in the opposite direction...
Regards,
Victor
next prev parent reply other threads:[~2006-01-06 12:18 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-12-31 22:47 Patch for H323 connection tracking for kernel 2.6.14 and Panic with SIP tracking Moises Silva
2006-01-02 18:28 ` Moises Silva
2006-01-03 11:30 ` Patrick McHardy
[not found] ` <c4d05cbe0601031235i45561171tc0ba691cf5fa417e@mail.gmail.com>
2006-01-03 20:37 ` Moises Silva
2006-01-05 20:00 ` Victor Julien
[not found] ` <c4d05cbe0601051220v54ab169cled8109df66cd12db@mail.gmail.com>
[not found] ` <43BD80C6.10603@nk.nl>
2006-01-05 21:32 ` Moises Silva
2006-01-06 9:34 ` Victor Julien
2006-01-06 11:57 ` Patrick McHardy
2006-01-06 12:18 ` Victor Julien [this message]
2006-01-07 1:50 ` Patrick McHardy
2006-01-07 9:34 ` Victor Julien
2006-01-07 16:33 ` sip connection tracking & expectations Victor Julien
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=43BE6019.2020804@nk.nl \
--to=victor@nk.nl \
--cc=kaber@trash.net \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.