LVS
lvs-users
[Top] [All Lists]
Google
 
Web LinuxVirtualServer.org
<prev [Date] next> <prev [Thread] next>

Re: [lvs-users] Iptables find invalid packets

from [Joseph Mack NA3T] [Permanent Link]
To: "LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>
Subject: Re: [lvs-users] Iptables find invalid packets
From: Joseph Mack NA3T <jmack@xxxxxxxx>
Date: Mon, 21 Jul 2008 06:47:36 -0700 (PDT) 
On Mon, 21 Jul 2008, Dimitri GOURDON wrote:

> I don't understand where you want to go... If I have no iptables rule,
> all is OK as I say in my first message.

I can't find where you say that in your first message.

> The problem is I use iptables to do state filtering and 
> all FIN / RST packet are seen as INVALID (instead of 
> ESTABLISHED...).

are you using LVS-DR? If so you can't use stateful filtering 
on the director, because the director doesn't see the reply 
packets from the realserver.

> The solution mustn't be to remove iptables rules ;)

yes it is.

Joe

-- 
Joseph Mack NA3T EME(B,D), FM05lw North Carolina
jmack (at) wm7d (dot) net - azimuthal equidistant map
generator at http://www.wm7d.net/azproj.shtml
Homepage http://www.austintek.com/ It's GNU/Linux!
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [lvs-users] Iptables find invalid packets, Dimitri GOURDON
Next by Date:  Re: [lvs-users] Iptables find invalid packets, Dimitri GOURDON
Previous by Thread:  Re: [lvs-users] Iptables find invalid packets, Dimitri GOURDON
Next by Thread:  Re: [lvs-users] Iptables find invalid packets, Dimitri GOURDON
Indexes:  [Date] [Thread] [Top] [All Lists]