[Bug 444] New: REDIRECT not working in kernel 2.6.16-rc[12] as
before (<= 2.6.15.x)
bugzilla-daemon at bugzilla.netfilter.org
bugzilla-daemon at bugzilla.netfilter.org
Wed Feb 8 19:17:36 CET 2006
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=444
Summary: REDIRECT not working in kernel 2.6.16-rc[12] as before
(<= 2.6.15.x)
Product: netfilter/iptables
Version: linux-2.6.x
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: NAT
AssignedTo: laforge at netfilter.org
ReportedBy: spiney at spiney.org
Hello,
I used the following two lines on my notebook for a long time to get to an
external mailserver at a place where outbound tcp port 25 connections are
blocked but SSH is allowed: (using REDIRECT so no change of mail client
configuration was necessary)
iptables -t nat -I OUTPUT -p tcp -d $MAILSERVER --dport 25 \
-j REDIRECT --to 10025
ssh -L 10025:localhost:25 $MAILSERVER
Telnetting to localhost port 10025 still redirects to the mailserver port 25, so
the SSH is working as usual, but when telnetting to $MAILSERVER port 25 the
connection hangs.
This used to work fine until 2.6.15.x, but with 2.6.16-rc[12] this is broken. I
couldn't see anything in the kernel changelog about this, so I'm reporting this
here as a bug.
Attached are 4 pcap-files captured with tcpdump from the loopback, 2 for kernel
2.6.15, 2 for 2.6.16-rc2, one showing the working telnet to localhost 10025 and
one showing the attempted(2.6.16-rc2) and successful(2.6.15) attempt to telnet
to mailserver port 25. BTW, the SSH versions in between tries were the same, as
is the kernel version and configuration of the remote mailserver. If any more
information is needed I'll be happy to provide it.
Kind regards,
WK
--
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.
More information about the netfilter-buglog
mailing list