From: "Trever L. Adams" <trever_adams@yahoo.com>
To: "Jeffrey W. Baker" <jwbaker@acm.org>
Cc: Linux Kernel Mailing List <linux-kernel@vger.kernel.org>
Subject: Re: iptables in 2.4.10, 2.4.11pre6 problems
Date: 09 Oct 2001 13:30:14 -0400 [thread overview]
Message-ID: <1002648616.2580.18.camel@aurora> (raw)
In-Reply-To: <Pine.LNX.4.33.0110091005540.209-100000@desktop>
In-Reply-To: <Pine.LNX.4.33.0110091005540.209-100000@desktop>
On Tue, 2001-10-09 at 13:07, Jeffrey W. Baker wrote:
> I see this too. iptables is refusing packets on locally-initiated TCP
> connections when the RELATED,ESTABLISHED rule should be letting them
> through.
>
> I mentioned this problem on the netfilter list but my message fell into
> a black hole and was apparently beyond the horizon of the developers.
>
> -jwb
Maybe I misunderstand you, define locally-initiated. Do you mean net or
do you mean box? Mine happens on connections made by the firewall
(proxy for web) and on other connections initiated internally. We
currently only allow identd and a few others from external (identd is
spoofed more or less).
I am glad I am not the only one seeing this problem. I have the
established, related as well. The only thing that should be dropped
before it gets handled is certain ICMP messages (if someone thinks I am
dropping something I shouldn't, let me know) and windows networking
datagrams (used to keep the line up from internal machines, so I killed
it).
The big problems I have are a few websites and digitalme.com (all
services... web, mail, etc.).
Trever Adams
_________________________________________________________
Do You Yahoo!?
Get your free @yahoo.com address at http://mail.yahoo.com
next prev parent reply other threads:[~2001-10-09 17:29 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2001-10-09 16:58 iptables in 2.4.10, 2.4.11pre6 problems Trever L. Adams
2001-10-09 17:07 ` Jeffrey W. Baker
2001-10-09 17:30 ` Trever L. Adams [this message]
2001-10-09 18:31 ` Jeffrey W. Baker
2001-10-09 18:40 ` Trever L. Adams
2001-10-09 20:48 ` Jeffrey W. Baker
2001-10-09 22:00 ` Trever L. Adams
2001-10-09 22:46 ` Luigi Genoni
2001-10-09 22:49 ` Trever L. Adams
2001-10-09 23:02 ` Luigi Genoni
2001-10-09 23:05 ` Jeffrey W. Baker
2001-10-09 23:40 ` Luigi Genoni
2001-10-10 8:45 ` Sebastian Benoit
2001-10-10 3:55 ` Rusty Russell
2001-10-19 13:18 ` Darrell A Escola
2001-10-24 4:25 ` Rusty Russell
2001-10-28 16:45 ` Michael Rash
2001-10-09 17:40 ` Wilson
2001-10-09 18:43 ` Trever L. Adams
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1002648616.2580.18.camel@aurora \
--to=trever_adams@yahoo.com \
--cc=jwbaker@acm.org \
--cc=linux-kernel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox