[Bug 958] New: MASQUERADE does not work on recent kernels

bugzilla-daemon at netfilter.org bugzilla-daemon at netfilter.org
Mon Jun 9 21:27:54 CEST 2014


           Summary: MASQUERADE does not work on recent kernels
           Product: netfilter/iptables
           Version: unspecified
          Platform: x86_64
        OS/Version: All
            Status: NEW
          Severity: major
          Priority: P5
         Component: NAT
        AssignedTo: netfilter-buglog at lists.netfilter.org
        ReportedBy: hramrach at gmail.com
   Estimated Hours: 0.0

On recent kernels MASQUERADE does not work.

Fedora:  https://bugzilla.redhat.com/show_bug.cgi?id=1016739

Debian: upgraded from wheezy stable kernel (like 3.2) to 3.14 due to broken
network card driver for new hardware. 

Now untranslated packets leak to the outside and doubly translated packets
occur (with both addresses internal - one of the router other of an internal
machine). This is shown by tcpdump on the router on internal and external
interface. Not sure how trustworthy the data is.

Some software - mostly VPN works. Most plain TCP software fails miserably.
Symptom: connection timed out or connection reset by peer. Using proxy sitting
on the router works.

Configure bugmail: https://bugzilla.netfilter.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.

More information about the netfilter-buglog mailing list