thr3ads.net - Shorewall users - Beware kernel 2.6.10 [Jan 2005]

If this information is useful, please help other people find it:
Share via:

Twitter
Facebook
Email

Tom Eastep

2005-Jan-04 16:27 UTC

Beware kernel 2.6.10

Unpatched 2.6.10 kernels are apparently broken WRT TCP connection
tracking. Established connections that are ended with an RST are not
removed from the conntrack table. See:

http://lists.netfilter.org/pipermail/netfilter-devel/2005-January/017956.html

-Tom
-- 
Tom Eastep    \ Nothing is foolproof to a sufficiently talented fool
Shoreline,     \ http://shorewall.net
Washington USA  \ teastep@shorewall.net
PGP Public Key   \ https://lists.shorewall.net/teastep.pgp.key

Possibly Parallel Threads

Fwd: [PATCH] Another iptables-save buglet
IPSEC-Netfilter patch for 2.6.10
Support for inbound traffic from multiple ISPs in CVS
Fwd: RE: 2.6 kernel ipsec and shorewall
Shorewall 2.2.0 Beta 2

Search for more seemingly similar threads

Shorewall users - Jan 2005 - Beware kernel 2.6.10

Beware kernel 2.6.10

Possibly Parallel Threads

Wisdom of the Ancients