bugzilla-daemon at netfilter.org
2023-Sep-30 15:17 UTC
[Bug 1613] SSH disconnects when adding Masquerade rule
https://bugzilla.netfilter.org/show_bug.cgi?id=1613 Florian Westphal <fw at strlen.de> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |fw at strlen.de --- Comment #1 from Florian Westphal <fw at strlen.de> --- This behaviour is expected. On a clean-slate systen, adding the masquerading rule enables connection tracking. Conntrack defaults to mid-stream pickup enabled (net.netfilter.nf_conntrack_tcp_loose=1). You can set this to 0 to avoid the pickup. Or you can restrict the masquerade rule to "ct state new" to avoid nat kicking in for picked-up connections. -- You are receiving this mail because: You are watching all bug changes. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20230930/2917f0ff/attachment.html>