bugzilla-daemon@netfilter.org
2003-Jan-31 04:15 UTC
[Bug 33] New: Connection tracking code doesn't track the interface of the connection
https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=33
Summary: Connection tracking code doesn't track the interface of
the connection
Product: netfilter/iptables
Version: linux-2.4.x
Platform: i386
OS/Version: Mandrake Linux
Status: NEW
Severity: normal
Priority: P2
Component: connection tracking
AssignedTo: laforge@netfilter.org
ReportedBy: joseg69@bellsouth.net
CC: netfilter-buglog@lists.netfilter.org
Two internet interfaces, the interfaces are equalized using iproute2. The box
is also performing DNAT and SNAT. What occurs is sometimes is that remote users
are unable to access the DNAT resource. I troubleshoot to the packets going out
the wrong interface using tcpdump. If I add a static route for the remote host
or I disable one of the internet lines (no equalize) then everything works ok
again.
My understanding of the problem is that the connection tracking code doesn't
track the interface of the connection, so the wrong interface is chosen before
un-DNAT'ing and POST-routing time.
------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.
Possibly Parallel Threads
- [Bug 33] Connection tracking code doesn't track the interface of the connection
- [Bug 33] Connection tracking code doesn't track the interface of the connection
- [Bug 498] New: RTP packets are not hitting NAT table
- [Bug 552] New: Strange DNAT behaviour... packet don't pass to PREROUTING and go directly in INPUT !!
- [Bug 71] dnat breaks connection tracking?
Wisdom of the Ancients
