On Fri, Feb 28, 2014 at 12:14:30PM -0500, John P. Rouillard wrote:
> I have not seen this, but you could simplify the rule and remove
>
> "-m state --state NEW"
>
> for testing to see if the problem goes away. That should eliminate any
> issues with the state setup and allow all ldap traffic to pass
> through.

I vote for this as a permanent solution. Why would you want netfilter to track state on inbound connections to a server in most cases? Are you also filtering outbound replies or do you have a default-allow outbound ruleset?
