bugzilla-daemon at bugzilla.netfilter.org
2009-Aug-09 22:20 UTC
[Bug 601] New: log messages with flags "ACK PSH FIN"
http://bugzilla.netfilter.org/show_bug.cgi?id=601
Summary: log messages with flags "ACK PSH FIN"
Product: netfilter/iptables
Version: unspecified
Platform: All
OS/Version: Debian GNU/Linux
Status: NEW
Severity: minor
Priority: P3
Component: ip_conntrack
AssignedTo: laforge at netfilter.org
ReportedBy: netfilter at vigor.co.za
I find a log of log messages of the following format.
kernel: ''OUT-eth0int':'IN= OUT=eth0 SRC=localIP DST=knownIP
LEN=52 TOS=0x00
PREC=0x00 TTL=64 ID=43339 DF PROTO=TCP SPT=3293 DPT=80 WINDOW=1270 RES=0x00 ACK
PSH FIN URGP=0
It seems the connection tracking is not working properly here, and blocking
out- going packets.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at bugzilla.netfilter.org
2009-Aug-09 22:22 UTC
[Bug 601] log messages with flags "ACK PSH FIN"
http://bugzilla.netfilter.org/show_bug.cgi?id=601 ------- Comment #1 from netfilter at vigor.co.za 2009-08-10 00:22 ------- related. http://lists.netfilter.org/pipermail/netfilter/2005-August/062049.html -- Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug, or are watching the assignee.
bugzilla-daemon at bugzilla.netfilter.org
2009-Oct-23 23:13 UTC
[Bug 601] log messages with flags "ACK PSH FIN"
http://bugzilla.netfilter.org/show_bug.cgi?id=601
jengelh at medozas.de changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|laforge at netfilter.org |jengelh at medozas.de
------- Comment #2 from jengelh at medozas.de 2009-10-24 01:13 -------
Make use of Xtables-addons's LOGMARK target to have the state of the packet
printed in dmesg:
iif=? hook=whatever nfmark=0 ... ct=???
Look for ct=.
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
You are the assignee for the bug, or are watching the assignee.
Possibly Parallel Threads
- [Bug 601] log messages with flags "ACK PSH FIN"
- [Bug 601] log messages with flags "ACK PSH FIN"
- [Bug 713] New: CPPFLAGS are mishandled which breaks non-shared targets
- [Bug 732] New: Iptables 1.4.11 or 1.4.12 does not compile on CentOS 5.6
- [Bug 720] New: iptables no longer compiles for Linux 2.4 because it uses linux/magic.h