[Bug 554] Packet illegaly bypassing SNAT

bugzilla-daemon at bugzilla.netfilter.org bugzilla-daemon at bugzilla.netfilter.org
Thu May 17 15:08:20 CEST 2007 

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=554


dimetrios at gmail.com changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Priority|P2                          |P5




------- Additional Comments From dimetrios at gmail.com  2007-05-17 15:08 MET -------
It seems I have the same problem on my gateway:

# iptables -L POSTROUTING -vn -t nat

Chain POSTROUTING (policy ACCEPT 33 packets, 2760 bytes)
 pkts bytes target     prot opt in     out     source               destination
13066  709K SNAT       0    --  *      eth1    0.0.0.0/0            0.0.0.0/0  
        to:x.x.x.x

Tcpdump shows on eth1 this:

14:58:16.683208 IP 192.168.8.10.2422 > 88.212.200.107.80: F 92352869:92352869(0)
ack 4126547816 win 65336
14:58:19.681996 IP 192.168.8.47.3250 > 66.29.38.208.80: F 0:0(0) ack 1 win 64665
14:58:20.883792 IP 192.168.8.47.3254 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535
14:58:20.884042 IP 192.168.8.47.3256 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535
14:58:28.894434 IP 192.168.8.47.3250 > 66.29.38.208.80: F 0:0(0) ack 1 win 64665
14:58:31.698243 IP 192.168.8.47.3254 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535
14:58:31.698413 IP 192.168.8.47.3256 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535
14:58:47.319398 IP 192.168.8.47.3250 > 66.29.38.208.80: F 0:0(0) ack 1 win 64665
14:58:53.327456 IP 192.168.8.47.3254 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535
14:58:53.327618 IP 192.168.8.47.3256 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535
14:58:57.548654 IP 192.168.8.10.2180 > 81.176.228.129.80: F
3548225671:3548225671(0) ack 3177070811 win 64338
14:58:59.529845 IP 192.168.8.10.2180 > 81.176.228.129.80: F 0:0(0) ack 1 win 64338
14:59:03.494637 IP 192.168.8.10.2180 > 81.176.228.129.80: F 0:0(0) ack 1 win 64338
14:59:11.432915 IP 192.168.8.10.2180 > 81.176.228.129.80: F 0:0(0) ack 1 win 64338
14:59:24.069217 IP 192.168.8.47.3250 > 66.29.38.208.80: F 0:0(0) ack 1 win 64665
14:59:27.452176 IP 192.168.8.10.2180 > 81.176.228.129.80: F 0:0(0) ack 1 win 64338
14:59:36.486054 IP 192.168.8.47.3254 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535
14:59:36.486225 IP 192.168.8.47.3256 > 66.246.246.252.80: F 0:0(0) ack 1 win 65535


-- 
Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You reported the bug, or are watching the reporter.

More information about the netfilter-buglog mailing list