[Bug 1773] tproxy with nftables collides with nat entries
bugzilla-daemon at netfilter.org
bugzilla-daemon at netfilter.org
Fri Sep 13 14:39:21 CEST 2024
https://bugzilla.netfilter.org/show_bug.cgi?id=1773
--- Comment #6 from Pablo Neira Ayuso <pablo at netfilter.org> ---
not applicable, for the record see:
https://lore.kernel.org/netfilter-devel/ZuQpbnjAoutXEFUj@orbyte.nwl.cc/T/
a patch to document this behaviour has been proposed instead.
I remembered that tproxy is not terminal in nftables to fix the hack in
xt_TPROXY to mangle the packet mark. nftables is more flexible in this regard
because user could want to make more actions on the packet after validating
that the socket is transparent.
--
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20240913/460fe4e4/attachment.html>
More information about the netfilter-buglog
mailing list