Hi all,

I'm trying out kernel 3.6 at the moment and all is well except for 1 thing. NAT / masquerading no longer seems to work.
Has anyone seen an announcement of netfilter changes in this regard? I didn't.

I have a qemu/kvm windows instance on my tap1 interface. The host is connected through wlan0 itself and as wireless devices cannot join a bridge, I've been using simple masquerading for some time. Just a simple "-A POSTROUTING -s 10.4.2.0/24 -o wlan0 -j MASQUERADE" in the nat table, combined with turning on ip-forwarding.

With kernel 3.6, forwarding seems on, and iptables-save gives me the same output as on kernel 3.5.

Sniffing with tcpdump, I notice the following when I try to ping an external host:

- incoming ping from 10.4.2.2 to X on tap1
- outgoing ping from 192.168.178.42 to X on wlan0
- incoming pong from X to 192.168.178.42 on wlan0
- nothing

So it appears the masquerading itself works, but the kernel is not able to map the reply back to the sender. As stated, same modules as on 3.5, so connection tracking, nat, masquerading are all enabled.

Any suggestions on how to debug this further?

Thanks
Mathijs
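The four-step trace described in the message above, turned into a repeatable check, as an added example that is not part of the original post: it reads two `tcpdump -n icmp` text captures (inside and outside interface) and names the first stage of the masqueraded ping round trip that is missing. The address 203.0.113.10 stands in for X, and the capture lines and function names are constructed for illustration.

```python
import ipaddress
import re

# Matches the ICMP echo lines printed by `tcpdump -n icmp`.
LINE = re.compile(r"IP (\S+) > (\S+): ICMP echo (request|reply)")

def parse(capture):
    """Return (src, dst, kind) tuples for the ICMP echo lines in a capture."""
    return [m.groups() for m in map(LINE.search, capture.splitlines()) if m]

def diagnose(inside_cap, outside_cap, inside_net, nat_ip):
    """Name the first stage of the masqueraded ping round trip that is missing."""
    net = ipaddress.ip_network(inside_net)
    inside, outside = parse(inside_cap), parse(outside_cap)
    reqs = [(s, d) for s, d, k in inside
            if k == "request" and ipaddress.ip_address(s) in net]
    if not reqs:
        return "no request seen on inside interface"
    client, target = reqs[0]
    if (client, target, "request") in outside:
        return "request left untranslated (MASQUERADE rule not applied)"
    if (nat_ip, target, "request") not in outside:
        return "request not forwarded to outside interface"
    if (target, nat_ip, "reply") not in outside:
        return "no reply from target"
    if (target, client, "reply") not in inside:
        return "reply arrived but was not reverse-translated to the client"
    return "round trip complete"

# Constructed captures reproducing the observation in the post
# (tap1 = inside, wlan0 = outside, 203.0.113.10 stands in for X).
TAP1 = """\
12:00:01.000100 IP 10.4.2.2 > 203.0.113.10: ICMP echo request, id 1, seq 1, length 40
"""
WLAN0 = """\
12:00:01.000200 IP 192.168.178.42 > 203.0.113.10: ICMP echo request, id 1, seq 1, length 40
12:00:01.020300 IP 203.0.113.10 > 192.168.178.42: ICMP echo reply, id 1, seq 1, length 40
"""

if __name__ == "__main__":
    print(diagnose(TAP1, WLAN0, "10.4.2.0/24", "192.168.178.42"))
```
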
