----- Original Message -----
From: Brad Chapman <kakadu@adelphia.net>
To: Truxton Fulton <trux@truxton.com>
Cc: <netfilter@lists.samba.org>
Sent: Monday, August 06, 2001 2:20 PM
Subject: Re: ip_conntrack and interfaces with dynamic ip addresses (ppp)
> Truxton Fulton wrote:
>
> > Hello,
> >
> > I have a situation where I use a ppp connection to send udp packets
> > from a specific port to a specific port at a specific destination.
> > From time to time my ppp connection drops and comes back up with a
> > new ip address. The entry in /proc/net/ip_conntrack retains the
> > ip address of the old ppp interface, so any udp packets sent with
> > the same source port are sent using the old IP address. If I wait
> > for the entry in /proc/net/ip_conntrack to expire (3 minutes),
> > then I can send my udp packets using the new IP address. Is there
> > a way to explicitly delete an entry in the connection tracking table,
> > or to flush the whole thing? I can compile conntrack as a module
> > and rmmod/insmod, but that seems inelegant. Is there a better way?
> > I am using linux 2.4.7 and iptables v1.2.2
> >
> > Thanks,
> >
> > -Truxton
>
> Mr. Fulton,
>
> You can apply the ctnetlink patch in p-o-m, then write a program
> which, in some fashion, detects interface changes and flushes the
> conntrack table of all entries with the old IP. It's a more elegant
> solution than using insmod/rmmod.
>
> Brad
This will solve memory problems, but not his problem. However I think his
problem isn't a real problem: I don't think his kernel sends through an
interface with x.x.x.x IP a packet with source x.x.x.y. Please check with
tcpdump and send dumps to us, you'll see...
Radel
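
The lookup half of the program suggested above, as an added example that is not part of the original thread: it parses text in the /proc/net/ip_conntrack layout and returns the entries whose original or reply tuple still names the old address. The sample table, the addresses and the function names are constructed for illustration; deleting the entries is not covered.

```python
from typing import NamedTuple

# Constructed sample in the /proc/net/ip_conntrack text layout (not captured
# output). 198.51.100.7 plays the old ppp address, 198.51.100.99 the new one.
SAMPLE = """\
udp      17 154 src=198.51.100.7 dst=192.0.2.10 sport=5000 dport=6000 [UNREPLIED] src=192.0.2.10 dst=198.51.100.7 sport=6000 dport=5000 use=1
tcp      6 431999 ESTABLISHED src=10.0.0.5 dst=192.0.2.20 sport=1025 dport=22 src=192.0.2.20 dst=10.0.0.5 sport=22 dport=1025 [ASSURED] use=1
udp      17 29 src=10.0.0.5 dst=192.0.2.53 sport=1030 dport=53 src=192.0.2.53 dst=198.51.100.7 sport=53 dport=1030 use=1
udp      17 170 src=198.51.100.99 dst=192.0.2.10 sport=5001 dport=6000 [UNREPLIED] src=192.0.2.10 dst=198.51.100.99 sport=6000 dport=5001 use=1
"""

class Entry(NamedTuple):
    proto: str
    timeout: int      # seconds until the entry expires
    original: dict    # tuple as first seen
    reply: dict       # tuple expected for replies
    flags: tuple

def parse_line(line):
    """Parse one table line; return None for anything that is not an entry."""
    tokens = line.split()
    if len(tokens) < 3 or not tokens[2].isdigit():
        return None
    original, reply, flags = {}, {}, []
    for tok in tokens[3:]:
        if tok.startswith("[") and tok.endswith("]"):
            flags.append(tok[1:-1])
        elif "=" in tok:
            key, value = tok.split("=", 1)
            if key in ("src", "dst", "sport", "dport"):
                # First occurrence belongs to the original tuple, second to the reply.
                (reply if key in original else original)[key] = value
    return Entry(tokens[0], int(tokens[2]), original, reply, tuple(flags))

def stale_entries(table_text, old_ip):
    """Return entries whose original or reply tuple still names old_ip."""
    hits = []
    for line in table_text.splitlines():
        entry = parse_line(line)
        if entry is None:
            continue
        addrs = {entry.original.get("src"), entry.original.get("dst"),
                 entry.reply.get("src"), entry.reply.get("dst")}
        if old_ip in addrs:
            hits.append(entry)
    return hits

if __name__ == "__main__":
    for e in stale_entries(SAMPLE, "198.51.100.7"):
        print(e.proto, e.timeout, e.original, e.reply, e.flags)
```

The reply tuple is checked as well as the original one because a translated connection carries the interface address only in the reply direction, as in the third sample line.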