help with fast nat

Filip Sneppe filip.sneppe at gmail.com
Thu Apr 14 09:42:26 CEST 2005


Hi Stephen,

On 4/13/05, Stephen Beck <becks at marietta.edu> wrote:

> 
> can anyone get me on to the next step:
> 

Unfortionately, "fast nat" is broken on 2.6 kernels, due to the ipsec code
that went in. It should actually be removed. Apparently, even RH 2.4 kernels 
with the ipsec code are broken:

https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126611

See also:
http://mailman.ds9a.nl/pipermail/lartc/2004q4/014307.html

And the thread at:
http://marc.theaimsgroup.com/?l=linux-netdev&m=109582576330019&w=2

So I guess you're better off trying something like the NETMAP target
in iptables.

Regards,
Filip



More information about the netfilter mailing list