Displaying 20 results from an estimated 10000 matches similar to: "[Bug 45] New: Feature: only count packets that get matched in a chain"
2003 Feb 08
0
[Bug 45] Feature: only count packets that get matched in a chain
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=45
laforge@netfilter.org changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |WONTFIX
------- Additional Comments From
2004 Sep 22
2
IPSEc versus Multipath routing
Firstly I don''t think this is a shorewall problem, but I suspect shorewall
might be able to solve it for me.
I''ve posted this so far at
http://mandrakeusers.org/index.php?showtopic=18942
I''ve stumble upon a problem that has me stumped
I have a multipath router using 2.6.8.1 with patches from here
http://www.ssi.bg/~ja/#routes
basic setup:
___ ISP1
2003 Mar 25
7
DNAT not working after changing BIND to use views
Hello all:
I''ve got a confusing issue. I had a working shorewall configuration
(based on the two interface model) using DNAT for redirection to my HTTP
server. The HTTP server is on my inside network (I know - bad juju, but
one thing at a time). I changed my configuration this morning to use
views in my BIND (named) configuration. Everyone outside the firewall
is able to get in
2006 Jun 22
0
[Bug 488] New: Chain/Groupings of networks don't total pkts and bytes correctly
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=488
Summary: Chain/Groupings of networks don't total pkts and bytes
correctly
Product: iptables
Version: 1.2.11
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P2
Component: iptables
2009 Feb 16
2
[Bug 577] New: cannot set spi/reqid numbers higher than 0x7fffffff (policy match)
http://bugzilla.netfilter.org/show_bug.cgi?id=577
Summary: cannot set spi/reqid numbers higher than 0x7fffffff
(policy match)
Product: iptables
Version: unspecified
Platform: i386
OS/Version: All
Status: NEW
Severity: normal
Priority: P1
Component: iptables
AssignedTo: laforge
2003 Jun 22
0
[Bug 104] New: Bytes/packets counters sometimes give incorrect values
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=104
Summary: Bytes/packets counters sometimes give incorrect values
Product: iptables userspace
Version: 1.2.8
Platform: i386
OS/Version: RedHat Linux
Status: NEW
Severity: major
Priority: P2
Component: iptables
AssignedTo:
2013 Oct 31
7
[Bug 870] New: Iptables cannot block outbound packets sent by Nessus
https://bugzilla.netfilter.org/show_bug.cgi?id=870
Summary: Iptables cannot block outbound packets sent by Nessus
Product: iptables
Version: 1.4.x
Platform: x86_64
OS/Version: Ubuntu
Status: NEW
Severity: normal
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at lists.netfilter.org
2019 Dec 11
4
[Bug 1390] New: iptables -m string not working with --algo bm and OUTPUT chain under 5.3.x
https://bugzilla.netfilter.org/show_bug.cgi?id=1390
Bug ID: 1390
Summary: iptables -m string not working with --algo bm and
OUTPUT chain under 5.3.x
Product: netfilter/iptables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
2005 May 31
2
Local machine not through firewall
Currently I have shorewal 2.2 installed om my debian 2.6.8 kernel. The firewall machine can access the internet via a ethernet modem fine. The firewall can ping the local network. The local network can ping the firewall server, see the samba files. Howeven teh local network cannot access the internet through the firewall
Any suggestions?
Rob van Overbruggen
Settings and stats:
Server:
Eth1 :
2006 Mar 31
0
rule fwmark desn''t work for local packets (output chain)
Witam wszystkich
After few days with yours help I''ve succeeded with setup of load-balancing.
Now I have problem with next step. I want to mark some packets and than put
them to the one of the routing tables to force them going via only one
interface with only one ip. Easy?? Ofcourse, but not for me :(.
I''m NOT using NAT.
Chain OUTPUT (policy ACCEPT 71 packets, 24227
2012 Oct 13
1
ipsec nat issue
Hello,
I have the following setup on linux 2.6.32... CentOS 6.x :
ipsec tunnel eth0-10.255.3.254/25 - eth1-pub add1 <-> eth1-pub add2 -
eth0-10.255.5.254/25
I am trying to SNAT remote private address 10.255.5.128/25 packets when
they come out of the ipsec tunnel to make it appear like it was from local
address 10.255.3.254. I am doing a source ping from the right side to a
device on the
2003 Jul 18
0
[Bug 115] New: incorrect "state RELATED,ESTABLISHED" checking with two interfaces
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=115
Summary: incorrect "state RELATED,ESTABLISHED" checking with two
interfaces
Product: netfilter/iptables
Version: linux-2.4.x
Platform: i386
OS/Version: other
Status: NEW
Severity: normal
Priority: P2
2004 Dec 27
2
htb and iptables marked packets question
Hi folks,
I have a strange situation. When I add branches to the tree, everything
goes to the default class.
The error might be obvious, but I cannot find it. I would really appreciate
your help.
this works, nothing goes to "1:9999":
#############################################################################
/sbin/iptables -F -t mangle
/sbin/tc qdisc del dev eth1 root >
2004 Oct 24
0
IPIP Tunnel Packets not shaped/policed
Hi,
I''ve a gateway host (cali), connected to the Internet via ADSL and a PPTP tunnel
(ppp0). I also have a IPIP tunnel to another host over the Internet (mytun),
nothing fancy.
This is working perfectly.
But I want to give more priority to the IPIP packets coming OUT of the PPP (PPTP
connection) interface. And I can''t get this to work.
Class 2:21 is the one with high
2005 Jul 17
1
IPSEC packets not passing POSTROUTING chain
Packets going to a 2.6 kernel IPSEC tunnel do not seem to pass the
POSTROUTING chain. Is that correct?
R.
--
___________________________________________________________________
It''s so simple to be wise. Just think of something stupid to say
and say the opposite.
+------------------------------------------------------------------+
| Richard Lucassen, Utrecht
2007 Feb 14
0
Marking packets with iptables (NEWBIE)
Hi all,
I''m trying to marking packets with iptables and use tc filter to catch this
packets.
I configure my device:
tc qdisc del root dev eth0
tc qdisc add dev eth0 root handle 1: htb default 10
tc class add dev eth0 parent 1: classid 1:1 htb rate 3000kbit ceil 6000kbit
burst 15k
tc class add dev eth0 parent 1:1 classid 1:10 htb rate 2000kbit ceil
4000kbit burst 15k
tc qdisc add dev eth0
2003 Nov 05
0
Bug? wildcard interfaces not accepted in fwd chain
Hi,
[Summary]
There seems to be a bug when using the "+" wildcard notation in the
interfaces file, in that rules are not generated in the fwd chain to
permit traffic going out an interface with a "+" in it.
[Details]
The interface entries:
loc tun0 detect routeback,newnotsyn
loc tun1 detect routeback,newnotsyn
loc tun2
2014 Apr 02
0
[Bug 912] New: Iptables resets ALL the counters within a chain, not only the specified ones
https://bugzilla.netfilter.org/show_bug.cgi?id=912
Summary: Iptables resets ALL the counters within a chain, not
only the specified ones
Product: iptables
Version: 1.4.x
Platform: x86_64
OS/Version: All
Status: NEW
Severity: major
Priority: P5
Component: iptables
AssignedTo:
2007 Feb 10
0
[Bug 543] New: ANY shows as 0 for proto on 1.3.7
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=543
Summary: ANY shows as 0 for proto on 1.3.7
Product: iptables
Version: unspecified
Platform: All
OS/Version: other
Status: NEW
Severity: minor
Priority: P2
Component: iptables
AssignedTo: laforge@netfilter.org
ReportedBy:
2011 Sep 06
2
[Bug 747] New: IPtables marked packets not being inpsected in NAT table.
http://bugzilla.netfilter.org/show_bug.cgi?id=747
Summary: IPtables marked packets not being inpsected in NAT
table.
Product: iptables
Version: CVS (please indicate timestamp)
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P3
Component: iptables
AssignedTo: