[Bug 33] New: Connection tracking code doesn't track the interface of the connection
bugzilla-daemon@netfilter.org
Fri, 31 Jan 2003 05:15:35 +0100
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=33
Summary: Connection tracking code doesn't track the interface of the connection
Product: netfilter/iptables
Version: linux-2.4.x
Platform: i386
OS/Version: Mandrake Linux
Status: NEW
Severity: normal
Priority: P2
Component: connection tracking
AssignedTo: laforge@netfilter.org
ReportedBy: joseg69@bellsouth.net
CC: netfilter-buglog@lists.netfilter.org
Two internet interfaces; the interfaces are equalized using iproute2. The box
is also performing DNAT and SNAT. What sometimes occurs is that remote users
are unable to access the DNAT resource. I troubleshot this to the packets going out
the wrong interface using tcpdump. If I add a static route for the remote host
or I disable one of the internet lines (no equalize) then everything works OK again.
My understanding of the problem is that the connection tracking code doesn't
track the interface of the connection, so the wrong interface is chosen before
un-DNAT'ing and POST-routing time.