
Re: Re:How to kill DNAT'ed connection



The connections that were established before are still operating because there is one rule or a set of rules that accept ESTABLISHED connections (in INPUT or in FORWARD), am I wrong?
If you delete this rule for the disconnected client, the connection can't keep operating (if the default policy is DROP).

Marco

> > Hi,
> >  can you remove the ESTABLISHED/RELATED rules for the disconnected client?
>
> What do you mean?
>
> The only related rules were in PREROUTING in nat doing DNAT. On
> disconnect of the client's authorizing software the rules are deleted and
> new connections can't be established (that's correct), but connections
> that were established before are still operating (that's wrong).
>
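The per-client rule layout suggested in the reply above, sketched as an added example that is not part of the original thread. It assumes a FORWARD policy of DROP and no global ESTABLISHED,RELATED accept rule; the function names, addresses, port and backend are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes FORWARD policy DROP and no
# global ESTABLISHED,RELATED accept rule. All addresses/ports are constructed.
IPT="${IPT:-echo iptables}"   # dry run by default; IPT=iptables applies (root)
SVC_PORT=8080                 # port the client connects to (constructed)
BACKEND=10.0.0.5:80           # DNAT target (constructed)

# Accept only a dotted-quad IPv4 address so the client identifier cannot
# carry extra iptables options into a rule.
valid_ip() {
    case "$1" in ''|*[!0-9.]*) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $1
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ -n "$o" ] && [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# Emit the client's three rules with action $1 (-A to add, -D to delete).
client_rules() {
    valid_ip "$2" || { echo "bad client address" >&2; return 1; }
    $IPT -t nat "$1" PREROUTING -s "$2" -p tcp --dport "$SVC_PORT" \
        -j DNAT --to-destination "$BACKEND"
    # Client -> backend: new and already established packets.
    $IPT "$1" FORWARD -s "$2" -m conntrack --ctstate NEW,ESTABLISHED,RELATED -j ACCEPT
    # Backend -> client: replies only.
    $IPT "$1" FORWARD -d "$2" -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
}

client_up()   { client_rules -A "$1"; }
# Removing the FORWARD pair sends packets of the open connection to the DROP policy.
client_down() { client_rules -D "$1"; }

client_up 192.0.2.10
client_down 192.0.2.10
```

Run as is, it only prints the commands; a global ESTABLISHED,RELATED accept earlier in FORWARD would keep matching the open connection and defeat the per-client deletion.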



