Joseph Mack NA3T a écrit : > On Mon, 21 Jul 2008, Dimitri GOURDON wrote: > > >> I don't understand where you want to go... If I have no iptables rule, >> all is OK as I say in my first message. >> > > I can't find where you say that in your first message. > > I said it here:
"I have tried to accept these packets with Iptables and then, all my connections are terminated in a normal way (only 1-2 connection(s) stay in FIN_WAIT on web servers)." >> The problem is I use iptables to do state filtering and >> all FIN / RST packet are seen as INVALID (instead of >> ESTABLISHED...). >> > > are you using LVS-DR? If so you can't use stateful filtering > on the director, because the director doesn't see the reply > packets from the realserver. > > It is a good idea but I use LVS NAT (I forget to tell it !) >> The solution mustn't be to remove iptables rules ;) >> > > yes it is. > > Joe > > ha ha !!! I don't want to remove my iptables rules... I prefer understand why these packets are INVALID and correct the problem. Thanks for your responses ! Dimitri _______________________________________________ LinuxVirtualServer.org mailing list - [email protected] Send requests to [EMAIL PROTECTED] or go to http://lists.graemef.net/mailman/listinfo/lvs-users
