| |
| |
| |
|
Comments:
<0> does anyone by any chance know if/when the nf-hipac patch will be fixed for 2.6.16 ?
<1> gug
<2> gugr
<3> i'm a little locked up...
<3> I need to `-o ni2 -p tcp --dport 80`, but also want to `-j REDIRECT`, how could I mix them?
<4> so, very odd. conntrack_h323 worked perfectly for me for 2 weeks. But today, plugging the power into my IP phone causes linux to lock hard (no mouse even)
<5> Rubin: you didn't happen to have the *_conntrack_netlink module loaded, then unloaded it ?
<4> nope
<4> whats netlink do?
<5> it's a userspace <-> kernelspace communication protocol
<5> s/protocol/transport/
<5> I'm asking becuase a bug related to unloading of that module was just fixed
<4> mind you, i'm using the h323 conntrack patch from Jing Min Zhao released a few weeks ago
<4> its surely alpha
<4> but it worked for 2 weeks :(
<5> ok
<4> looks like its gone through a bunch of revisions and will be in 2.6.17 without 3rd party patch
<4> so i'll wait till then and cross my fingers
<4> http://www.gossamer-threads.com/lists/iptables/devel/58431
<6> good day all, I'm curious about changes in 2.6.16 that's keeping my ipsec from working
<6> just looking for information. Anyone have any relevant info handy?
<6> I just can't figure this out
<7> quick question
<3> slow answer
<8> jengelh: you were to fast ;)
<7> INPUT table is only for packets explicitly destined for the box running iptables
<7> er chain
<7> ie won't affect port forwarding/anything else
<3> well
<3> it can, under some circumstances
<7> what would those circumstances be?
<3> REJECT target, and (for OUTPUT) ROUTE target
<2> if it's a tunneled packet
<3> there may be more, whatever is brewing in POMNG
<7> POMNG?
<3> a repository of funhouse modules ;)
<2> trandall, here's a pic I made together with another guy, in case you're interested.. :) http://xkr47.outerspace.dyndns.org/netfilter/packet_flow/packet_flow9.png
<3> http://www.imagestream.com/~josh/PacketFlow.png
<3> try that one
<7> nice drawing xkr47
<2> :)
<3> stage2?
<2> well when you understand my picture, you can go ahead and try to understand that other one :)
<7> so, it somthing is comming in via a tunnel
<7> it goes through prerouting, then to input, strips the ipip/gre, and sends in back through Prerouting with the new unencapsulated packet?
<2> any tunnels are something that has been set up by root, not ssh tunnels or such
<7> yes, gre and such?
<2> trandall, yes, for example
<3> less-than-level7 tunnels
<2> trandall, or if you have an ipv6 tunnel, then it goes to the ip6tables Prerouting after stripping the ipv4 headers
<7> k thanks
<7> xkr47, yeah I noticed :)
<2> hehe
<2> how? you did a lookup on my ipv6 address and found out it was owned by a tunnel broker ?-D
<7> no just dragged over your name and saw xkr47@2344:2324:1234:2342:...
<2> I actually got 23 first decimals of pi there, but anyway.. ;)
<7> lol cool
Return to
#netfilter
or
Go to some related
logs:
#ubuntu
#math
#mysql
libdvdcss ibook ubuntu
debian apt-get pcitools
qemu: could not set up redirection
mplayer skin
#perl
#web
most used webmail
|
|
