[Bugme-new] [Bug 4206] New: NAT/Masquerade not working

bugme-daemon at osdl.org bugme-daemon at osdl.org
Sun Feb 13 06:09:36 PST 2005


http://bugme.osdl.org/show_bug.cgi?id=4206

           Summary: NAT/Masquerade not working
    Kernel Version: 2.6.9
            Status: NEW
          Severity: blocking
             Owner: laforge at gnumonks.org
         Submitter: virtualman at gmx.de


Distribution: Gentoo

Hardware Environment:
sparc64 (Sun Ultra 10)

Software Environment:
Gentoo Linux, Kernel 2.6.9 and 2.6.10

Problem Description:
NAT/Masquerade is not working. On kernel 2.6.8.1 it is working, on 2.6.9 and up
it is not. I suspect it has something to do with ip_conntrack_expect.

All masqueraded/NAT'd connections show up as UNREPLIED in
/proc/net/ip_conntrack, /proc/net/ip_conntrack_expect is empty. I have tested
this on both 2.6.9 and 2.6.10.

On 2.6.8.1, connections show up as ASSURED in /proc/net/ip_conntrack, and there
is no /proc/net/ip_conntrack_expect. Masqueraded connections are fine.

iptables version is 1.2.11.

Steps to reproduce:
Using kernel 2.6.9 on a sparc64, set up a MASQUERADE or SNAT rule in the
POSTROUTING chain of the nat-table, enable ip_forward, and have a machine in
your local network try open a connection routed through the NAT-machine.

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.



More information about the Bugme-new mailing list