thr3ads.net - netfilter buglog - [Bug 1613] SSH disconnects when adding Masquerade rule [Sep 2023]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at netfilter.org

2023-Sep-30 15:17 UTC

[Bug 1613] SSH disconnects when adding Masquerade rule

https://bugzilla.netfilter.org/show_bug.cgi?id=1613

Florian Westphal <fw at strlen.de> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |fw at strlen.de

--- Comment #1 from Florian Westphal <fw at strlen.de> ---
This behaviour is expected.
On a clean-slate systen, adding the masquerading rule enables connection
tracking.  Conntrack defaults to mid-stream pickup enabled
(net.netfilter.nf_conntrack_tcp_loose=1).
You can set this to 0 to avoid the pickup.
Or you can restrict the masquerade rule to "ct state new" to avoid nat
kicking
in for picked-up connections.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20230930/2917f0ff/attachment.html>

netfilter buglog - Sep 2023 - [Bug 1613] SSH disconnects when adding Masquerade rule

[Bug 1613] SSH disconnects when adding Masquerade rule