[Just posted this to comp.security.firewalls when then I found out about debian-firewall]
OK, thanks folks for pointing out the possibility that conntrack might be timing out especially over my overloaded 31K avg. modem. I suppose there is no way to adjust the timeout? I also see Subject: iptables ip_conntrack bugs? (was: persistant connections?) in linux.debian.maint.firewall http://groups.google.com/groups?hl=zh-TW&lr=&ie=UTF-8&safe=off&frame=right&th=5fd3ce547f5f6918&seekm=Pine.LNX.4.40.0201201611120.3177-100000%40cicero.axis.se I suppose there are few rural users of this so it is another rich north vs. poor south type problem? or maybe i'm off on a limb. OK, I suppose I must take the conntrack stuff out of my iptables which i recently posted here. I suppose I will run nmap, scanning my self from the inside of my single home computer, and just deal with those specific ports with things listening. or maybe i will search for how folks got by before conntrack? I use Linux debian 2.4.18-k7 #1 Sun Apr 14 13:19:11 EST 2002 i686 unknown # grep conn /proc/slabinfo ip_conntrack 10 60 384 6 6 1 long after hanging up, whatever it means. -- http://jidanni.org/ Taiwan(04)25854780 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
