similar to: [Bug 498] RTP packets are not hitting NAT table

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=498 Summary: RTP packets are not hitting NAT table Product: netfilter/iptables Version: linux-2.6.x Platform: All OS/Version: Fedora Status: NEW Severity: major Priority: P2 Component: NAT AssignedTo: laforge@netfilter.org ReportedBy:

hi, it''d be very useful to add some kind of "log everything" option to shorewall. currently the logging is useful if you know what you would like to log. but if you don''t know than it''s a problem... another problem that currently it''s not possible to log the nat table. at least i can''t find any way (can''t add logging into masq and

Hello all, I have an asterisk sip/iax peer behind a linux gateway doing nat. I''m using pppoe with a dynamic ip that changes frequently. The problem is when the line drops the sip/iax registrations drop as well, and they don''t register thereafter. When I check the conntrack entries, I noticed the entries still have the old wan ip address and because of keepalive (i''m

Hi, I?m using centos in 4 servers that work as gateway for intranets where i work. I built a particular kernel for my needs but this kernel is 2.4.31. So i neeed to boot this kernel in centos 4.3 and centos 4.2. Can anyone help with that? I know the problem is mainly in modutils because modules cannot be loaded when kernel is loaded. Any help is very much appreciated.

http://bugzilla.netfilter.org/show_bug.cgi?id=706 Jan Engelhardt <jengelh at medozas.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |jengelh at medozas.de --- Comment #1 from Jan Engelhardt <jengelh at medozas.de> 2011-03-03 14:20:30

Hi all, We have 4 outstanding tests on clang-mergefunc-x86_64-freeBSD9.2 builder. I have introduced issues for them in bugzilla: http://llvm.org/bugs/show_bug.cgi?id=18089 http://llvm.org/bugs/show_bug.cgi?id=18056 Since we have opened issues for these tests, can we add them to ignore-list for this builder? It allows faster catch and fix other failures (if we get them). I also wandering, may be

hey all, im getting the following error: Apr 14 14:29:44 lmtpdirector1 dovecot: auth: Error: passdb(scorpio,127.0.0.1): Auth client doesn't have permissions to do a PASS lookup: /var/run/dovecot/auth-userdb mode=0666, but not owned by UID 112(dovecot) Apr 14 14:29:44 lmtpdirector1 dovecot: lmtp(18298): Error: user scorpio: Auth PASS lookup failed My config. Director servers running both

Hi, I have a suspicious problem with multiple uplinks configuration. First of all my configuration: 1) kernel 2.6.20.3 2) iptables 1.3.7 3) last iproute (for masked marks) All wan interfaces are bridged (stp disabled) in only one interface (wan0), all lan interfaces are bridged (stp enabled) in only one interface (zlan0). The wan0 bridge is to allow UPnP works. To allow related

Hi all, Just switched my home computer from Windows 7 to CentOS 6.6 and I'm having a slight bit of trouble with the bittorrent-clients. * Transmission is fine but lacks "a bit" in features. * Vuze is my preferred bt-client but gives me horrendous gfx-artifacts, like not showing the torrent name (it's white text on a white background or some such...). * Deluge is better, and

I am forwarding traffic on port 8080 to port 80 with following rule. # iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j REDIRECT --to-port 80 # iptables-save However, I am unable to add it directly in /etc/sysconfig/iptables. I think it is used only for filter table and not nat table. So where do nat table rules go? Any help? - cs.

Have amd64 xen 3.1 installed on debian etch. Have all the domu file systems in lvm. Problem 1 If I have a xfs files system when I mount it on domu I get this error: Filesystem "sda5": Disabling barriers, not supported by the underlying device XFS mounting filesystem sda5 Ending clean XFS mount for filesystem: sda5 If I mount with nobarriers the message goes away. If I mount under

I had to restart one of my routers tonight and since then shorewall on it has been dropping SIP packets coming in from one machine instead of forwarding them to the freebpx server. Shorewall:net2all:DROP:IN=eth0 OUT= MAC=<removed> SRC=<my home network external ip> DST=<server network external ip> LEN=575 TOS=0x00 PREC=0x20 TTL=78 ID=230 PROTO=UDP SPT=5061 DPT=5060

I have do a classicupdate from a NT4 style domain to Samba DC 4.10.7 BIND_DLZ without (apparently) problem All seem work fine, access to PC work, join or re-join a PC to domain work, access from a Linux samba member server to Win7 PC work, access from Win7 to samba member server work. But I cannot access from a PC with win7 to another PC with win7. If I try to access from win7-0 to win7-1 via

Hi, I'm using Firestarter as my firewall. If I restart the network or my DSL line goes down, I have to manually restart Firestarter. I have sh /etc/firestarter/firestarter.sh stop and then sh /etc/firestarter/firestarter.sh start in my ip-up.local file. I confirmed ip-up.local us being executed by placing an entry in the logs, but it appears firestarter is not or at least not correctly.

Hi I would like to add rules into the iptables of the Hosted Engine VM in Ovirt. the version is oVirt Engine Version: 4.1.1.8-1.el7.centos I have tried using the normal process for iptables (iptables-save etc), but it seems that the file /etc/sysconfig/iptables this is ignored in the Ovirt Engine VM. How can I add permanent rules into the Engine VM? Kind regards Andrew

Typically (or at least somewhat occasionally) after a reboot of my shorewall[-lite] machine I find that I end up with conntrack table entries for unNATted connections such as: # conntrack -L -p udp --dport 5060 -d 99.232.11.14 udp 17 59 src=10.75.22.8 dst=99.232.11.14 sport=5060 dport=5060 packets=5472 bytes=3031488 [UNREPLIED] src=99.232.11.14 dst=10.75.22.8 sport=5060 dport=5060 packets=0

https://bugzilla.netfilter.org/show_bug.cgi?id=1680 Bug ID: 1680 Summary: Trying to delete offloaded flow with conntrack results in EBUSY Product: nftables Version: unspecified Hardware: All OS: other Status: NEW Severity: major Priority: P5 Component: kernel

When a web site is attacked, so far by unsuccessful hackers, my error routine adds the attackers IP address, prefixed by 'deny', to that web site's .htaccess file. It works and the attacker, on second and subsequent attacks, gets a 403 error response. I want to extend the exclusion ability to every web site hosted on a server. My preferred method is iptables. However, when

xen-3.0.3-94.el5_4.2 2.6.18-164.6.1.el5xen RHEL5.4 x86_64 I''ve got a dom0 that does nothing but have a DomU created. The DomU gets plenty of load. Over time, the dom0''s ipconntrack table fills up but not the DomU. Once it gets full I can restart iptables and it''s fine. The strange thing is this only happens on hosts I have provided (hardware and hosting) from one

Trying again, after re-subscribing: On 11/20/06, Bob Beers <bob.beers@gmail.com> wrote: > Hello, > > I want to dynamically create DNAT rules for > RTP streams (port-mapping for a SIP proxy). > > If my proxy adds the rule before the first packet > of the RTP stream hits the port, all is well. But, if > the stream begins arriving before my rule is in > place,