Firewall losing state on LAN connection interruption?

Could you please help me with the following issue? I have an established SSH connection, but it goes down right after my LAN connection gets interrupted for a few seconds, and the firewall starts blocking it. It should remember the connection state, but it does not?

Feb 05 19:21:18 systemd-networkd[791]: re0: Lost carrier
Feb 05 19:21:18 systemd-networkd[791]: re0: DHCP lease lost
Feb 05 19:21:18 kernel: r8169 0000:01:00.0 re0: Link is Down
Feb 05 19:21:18 systemd-timesyncd[738]: No network connectivity, watching for changes.
Feb 05 19:21:18 systemd[1]: Starting resolvconf-pull-resolved.service...
Feb 05 19:21:18 systemd[1]: resolvconf-pull-resolved.service: Deactivated successfully.
Feb 05 19:21:18 systemd[1]: Finished resolvconf-pull-resolved.service.
Feb 05 19:21:20 kernel: r8169 0000:01:00.0 re0: Link is Up - 100Mbps/Full - flow control off
Feb 05 19:21:20 systemd-networkd[791]: re0: Gained carrier
Feb 05 19:21:20 systemd-networkd[791]: re0: DHCPv4 address 192.168.0.8/24 via 192.168.0.1
Feb 05 19:21:20 systemd-timesyncd[738]: Network configuration changed, trying to establish connection.
Feb 05 19:21:20 systemd[1]: Starting resolvconf-pull-resolved.service...
Feb 05 19:21:20 kernel: fw: IN=re0 OUT= MAC=00:e0:4c:38:33:1f:40:61:86:a1:90:6a:08:00 SRC=192.168.0.1 DST=192.168.0.8 LEN=1500 TOS=0x08 PREC=0x40 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=48782 WINDOW=1027 RES=0x00 ACK URGP=0
Feb 05 19:21:20 systemd-timesyncd[738]: Initial synchronization to time server 185.125.190.58:123 (ntp.ubuntu.com).
Feb 05 19:21:20 systemd[1]: resolvconf-pull-resolved.service: Deactivated successfully.
Feb 05 19:21:20 systemd[1]: Finished resolvconf-pull-resolved.service.
Feb 05 19:21:20 kernel: fw: IN=re0 OUT= MAC=00:e0:4c:38:33:1f:40:61:86:a1:90:6a:08:00 SRC=192.168.0.1 DST=192.168.0.8 LEN=260 TOS=0x08 PREC=0x40 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=54954 WINDOW=1027 RES=0x00 ACK PSH URGP=0

The corresponding firewall rules look like this:

-A INPUT -i $INT_IF -s $INT_NET --match conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
-A INPUT -m conntrack --ctstate INVALID -j LOGDROP
-A INPUT -j LOGDROP
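
Added example, not part of the original post: a small triage script that pairs each `fw:` drop in a journal excerpt with the preceding `Lost carrier` event on the same interface and marks drops that are mid-stream TCP segments (ACK without SYN), which an `ESTABLISHED` rule accepts only while the conntrack entry still exists. The function name, the 10-second window and the placeholder year are assumptions; the sample lines are copied from the log above.

```python
import re
from datetime import datetime

# Sample input: four lines copied from the journal excerpt in the post.
SAMPLE = """\
Feb 05 19:21:18 systemd-networkd[791]: re0: Lost carrier
Feb 05 19:21:20 systemd-networkd[791]: re0: Gained carrier
Feb 05 19:21:20 kernel: fw: IN=re0 OUT= MAC=00:e0:4c:38:33:1f:40:61:86:a1:90:6a:08:00 SRC=192.168.0.1 DST=192.168.0.8 LEN=1500 TOS=0x08 PREC=0x40 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=48782 WINDOW=1027 RES=0x00 ACK URGP=0
Feb 05 19:21:20 kernel: fw: IN=re0 OUT= MAC=00:e0:4c:38:33:1f:40:61:86:a1:90:6a:08:00 SRC=192.168.0.1 DST=192.168.0.8 LEN=260 TOS=0x08 PREC=0x40 TTL=64 ID=0 DF PROTO=TCP SPT=22 DPT=54954 WINDOW=1027 RES=0x00 ACK PSH URGP=0
"""

LINE = re.compile(r"^(\w{3} \d{2} \d{2}:\d{2}:\d{2}) (\S+?)(?:\[\d+\])?: (.*)$")
KV = re.compile(r"(\w+)=(\S*)")
TCP_FLAGS = {"SYN", "ACK", "PSH", "FIN", "RST", "URG"}

def drops_after_link_flap(log, window=10):
    """Return firewall drops logged within `window` seconds of a carrier loss."""
    lost = {}   # interface name -> time of its most recent "Lost carrier"
    hits = []
    for line in log.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        # Journal short format has no year; 2000 is an assumed placeholder.
        ts = datetime.strptime("2000 " + m.group(1), "%Y %b %d %H:%M:%S")
        unit, msg = m.group(2), m.group(3)
        carrier = re.match(r"(\S+): Lost carrier$", msg)
        if unit == "systemd-networkd" and carrier:
            lost[carrier.group(1)] = ts
        elif unit == "kernel" and msg.startswith("fw: "):
            f = dict(KV.findall(msg))
            t0 = lost.get(f.get("IN"))
            if t0 is None or (ts - t0).total_seconds() > window:
                continue  # drop is not close to a link flap on this interface
            flags = TCP_FLAGS & set(msg.split())
            hits.append({
                "flow": "%s:%s -> %s:%s" % (f.get("SRC"), f.get("SPT", "-"),
                                            f.get("DST"), f.get("DPT", "-")),
                "flags": sorted(flags),
                # ACK without SYN: a segment of an already-open connection.
                "mid_stream": "ACK" in flags and "SYN" not in flags,
                "secs_after_loss": int((ts - t0).total_seconds()),
            })
    return hits

if __name__ == "__main__":
    for hit in drops_after_link_flap(SAMPLE):
        print(hit)
```
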