Re: Upstream bug 39132 - Starting with 3.0.0-rc6, masquerading seems to be broken.

2011-08-22 Thread Bastian Blank
On Sun, Aug 21, 2011 at 06:42:13PM -0500, Troy Davis wrote:
> -A POSTROUTING -s 192.168.0.64/26 -o eth1 -m multiport -p udp --dport 53,123 -j MASQUERADE
> -A POSTROUTING -s 192.168.0.64/26 -o eth1 -m multiport -p tcp --dport 22,80,119,443 -j MASQUERADE

This config allows packets with private

Re: Upstream bug 39132 - Starting with 3.0.0-rc6, masquerading seems to be broken.

2011-08-22 Thread Troy Davis
> > -A POSTROUTING -s 192.168.0.64/26 -o eth1 -m multiport -p udp --dport 53,123 -j MASQUERADE
> > -A POSTROUTING -s 192.168.0.64/26 -o eth1 -m multiport -p tcp --dport 22,80,119,443 -j MASQUERADE
>
> This config allows packets with private addresses to escape to eth1. Fix it.

Granted. However,

Re: Upstream bug 39132 - Starting with 3.0.0-rc6, masquerading seems to be broken.

2011-08-22 Thread Ben Hutchings
David, I think we need this in 3.0-stable:

commit 797fd3913abf2f7036003ab8d3d019cbea41affd
Author: Julian Anastasov j...@ssi.bg
Date: Sun Aug 7 09:11:00 2011 +

    netfilter: TCP and raw fix for ip_route_me_harder

    (Discussed in https://bugzilla.kernel.org/show_bug.cgi?id=39132 and

Re: Upstream bug 39132 - Starting with 3.0.0-rc6, masquerading seems to be broken.

2011-08-22 Thread David Miller
From: Ben Hutchings b...@decadent.org.uk
Date: Mon, 22 Aug 2011 16:08:00 +0100

> David, I think we need this in 3.0-stable:

The change is already in -stable as it went into 3.0-final. If anything this might suggest that the fix in question is the cause of this bug, since the commit went in right

Re: Upstream bug 39132 - Starting with 3.0.0-rc6, masquerading seems to be broken.

2011-08-22 Thread Ben Hutchings
On Mon, Aug 22, 2011 at 01:27:24PM -0700, David Miller wrote:
> From: Ben Hutchings b...@decadent.org.uk
> Date: Mon, 22 Aug 2011 16:08:00 +0100
>
> > David, I think we need this in 3.0-stable:
>
> The change is already in -stable as it went into 3.0-final. If anything this might suggest that the

Re: Upstream bug 39132 - Starting with 3.0.0-rc6, masquerading seems to be broken.

2011-08-22 Thread David Miller
From: Ben Hutchings b...@decadent.org.uk
Date: Mon, 22 Aug 2011 22:44:14 +0100

> On Mon, Aug 22, 2011 at 01:27:24PM -0700, David Miller wrote:
> > From: Ben Hutchings b...@decadent.org.uk
> > Date: Mon, 22 Aug 2011 16:08:00 +0100
> >
> > > David, I think we need this in 3.0-stable:
> >
> > The change is already in

Upstream bug 39132 - Starting with 3.0.0-rc6, masquerading seems to be broken.

2011-08-21 Thread Troy Davis
There is a bug in NAT masquerading that is recognized upstream:

https://bugzilla.kernel.org/show_bug.cgi?id=39132

I am able to repeat the above problem in the 3.0 kernel included in Debian testing (linux-image-3.0.0-1-686-pae, 3.0.0-1). I have reverted to linux-image-2.6.39-2-686-pae (2.6.39-3)