Public bug reported:
There seems to be a slight problem with iptables + adapter aliases.
Take the alias eth0:1 for example...
ifconfig eth0:1
eth0:1 Link encap:Ethernet HWaddr 00:25:90:eb:cb:ae
inet addr:158.69.167.64 Bcast:158.69.255.255 Mask:255.255.0.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
1) This rule works + seems incorrect (notice -i rather than -i eth0:1)
iptables -w -t nat -A PREROUTING -i eth0 -p tcp --dst
158.69.167.64 --dport 80 -j DNAT --to 10.0.3.189 80
2) This rule fails + seems correct (notice -i eth0:1)
iptables -w -t nat -A PREROUTING -i eth0:1 -p tcp --dst
158.69.167.64 --dport 80 -j DNAT --to 10.0.3.189 80
In #2 the rule is consumed without generating any error.
Seems like either eth0:1 should be accepted + should work or should
generate an error.
The iptables man page says -i is the "Name of an interface via which a
packet was received" so I'm guessing anytime -i is passed with an alias,
then the correct action is to either generate an error + die or better
generate a warning that the alias has been converted to the base
interface (any :\d+ has been stripped).
This is a low priority item + at the same time can suck a huge amount of
time debugging.
** Affects: iptables (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1492837
Title:
iptables nat prerouting slight problem with adapter aliases
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iptables/+bug/1492837/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
