[Bug 554] Packet illegally bypassing SNAT

bugzilla-daemon at bugzilla.netfilter.org
Wed Apr 25 15:38:07 CEST 2007


------- Additional Comments From neo at horse21.net  2007-04-25 15:38 MET -------
It seems to me that I have the same source of problem.
I have a Linux router with BGP support using Quagga.
I have 3 independent providers. Interfaces for them are:


Rules in postrouting:

iptables -t nat -A POSTROUTING -o inet-1 -j snat-bgp
iptables -t nat -A POSTROUTING -o inet-2 -j snat-bgp
iptables -t nat -A POSTROUTING -o inet-3 -j snat-bgp

So all snat rules are in the same snat-bgp table.

Everything works fine for DNAT, but for SNAT there is a problem.
It (SNAT) stops working after a routing change (outgoing interface change).
I need to restart my firewall script (nothing changes).
And everything is fine again.

I can't understand this situation.

Any help appreciated.
You can contact me by the neo -=at=- horse21.net e-address.

More information about the netfilter-buglog mailing list