Re: 2.6.12: connection tracking broken?

From: Jan Engelhardt
Date: Sat Jun 18 2005 - 10:06:20 EST

>I have just tried upgrading my firewall to 2.6.12, but neither of the following rules in my
>FORWARD table was allowing return traffic:

You forget about INPUT and OUTPUT. If you drop everything in INPUT, there's
nothing to FORWARD.

> 1109 814K ACCEPT all -- ppp0 br0 anywhere anywhere ctstate
> 11M 13G ACCEPT all -- ppp0 br0 anywhere anywhere state
>I have currently returned to using, where the identical configuration works fine. br0 is
>a bridge device containing two e100 devices, and ppp0 is my PPPoE DSL link. I am using iptables

Jan Engelhardt
| Gesellschaft fuer Wissenschaftliche Datenverarbeitung Goettingen,
| Am Fassberg, 37077 Goettingen,