
And it's happening on multiple servers so I don't think this is some kind of a glitch. The old IP is still used in the natted connection. TCP reset is identified by the RESET flag in the TCP header set to 1. I tried to play with netstat-nat but I didn't manage to get anything from it. TCP reset is an abrupt closure of the session; it causes the resources allocated to the connection to be immediately released and all other information about the connection is erased. When I look at my iptables rules, everything looks OK:

# iptables -t nat -nL
iptables -t nat -A POSTROUTING -o eth0 -p udp --dport 38041 -j SNAT --to-source 10.230.0.4

The IP is reassigned to eth0, the iptables rule is deleted and a new iptables rule is added (with the right IP).

iptables -t nat -D POSTROUTING -o eth0 -p udp --dport 38041 -j SNAT --to-source 10.230.0.1

STEP 1: unreplied SYN packets captured by googlenews browser page request from affected PC. googlenews server IP address determined just prior to packet capture using a non-affected PC. Say in my example it goes from 10.230.0.1 to 10.230.0.4. WAN interface packet capture: - packets are sniffed against filter host 66.249.81.99.

I'm using Debian 10, and iptables to do some SNAT to force all my packets outgoing from eth0 to a specific UDP port to use a specific IP attached to eth0:

iptables -t nat -D POSTROUTING -o eth0 -p udp --dport 38041 -j SNAT --to-source 10.230.0.1

But sometimes, the source IP gets redistributed and it changes.

I have a problem with a natted connection on Linux.
