All Questions
5
questions with no upvoted or accepted answers
1
vote
0
answers
796
views
UDP packets dropped with `ctstate=INVALID`, but meanwhile its connection `[ASSURED]` in conntrack list
I have my router connecting to a remote VPS as so-called 'VPN' that is based on UDP protocol, then the VPS traffic slows down in few seconds after a new reboot.
I can see a huge amount of incoming ...
1
vote
0
answers
430
views
iptables DNAT traffic to localhost weird behavior
I hit a problem when trying to understand how iptables handles DNATed packet..
I run a server at localhost:8000, and I added a rule to nat table:
-A OUTPUT -d 1.2.3.4/32 -p tcp -m tcp --dport 80 -j ...
1
vote
0
answers
604
views
Packets disappearing between forward and postrouting hooks
I can see packets getting logged/accepted in the forward chain and they're correctly tagged with the right outbound interface, but they never hit the rule in the postrouting chain and tcpdump never ...
0
votes
1
answer
38
views
Why does it go through netfilter postrouting when visiting local ports?
Environment:
[root@VM-32-4-centos ~]# uname -r
3.10.0-514.26.2.el7.x86_64
I have set log printing in the following chain:
[root@VM-32-4-centos ~]# iptables -A INPUT -p tcp --dport 8000 -j LOG --log-...
0
votes
0
answers
276
views
nftables rules syantax getting error in adding rule
I am trying to add this rule
nft insert rule ip nat PREROUTING iifname enp0s3 udp dport 9100 counter dnat to 192.168.150.2
I am getting this error
[root@ph3ro]# nft insert rule ip nat PREROUTING ...