thr3ads.net - netfilter buglog - [Bug 1501] New: issue with DNAT port range [Feb 2021]

If this information is useful, please help other people find it:
Share via:

bugzilla-daemon at netfilter.org

2021-Feb-12 10:03 UTC

[Bug 1501] New: issue with DNAT port range

https://bugzilla.netfilter.org/show_bug.cgi?id=1501

            Bug ID: 1501
           Summary: issue with DNAT port range
           Product: nftables
           Version: unspecified
          Hardware: x86_64
                OS: Debian GNU/Linux
            Status: NEW
          Severity: normal
          Priority: P5
         Component: nft
          Assignee: pablo at netfilter.org
          Reporter: arturo at netfilter.org

Original bug report in the Debian bug tracker:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=970672

When I try to dnat:

ip daddr $ext_ip tcp dport 55900-55910 dnat to $target_lan_host:5900-5910
persistent

I want to dnat 55900 to 5900, 55901 to 5901...55910 to 5910.
But all range 55900-55910 was redirected into first single port 5900

If i try :

ip daddr $ext_ip tcp dport 5900-5910 dnat to $target_lan_host:5900-5910
persistent

its work well, all port was redirected properly

This was present at least in nftables 0.9.6, but not sure if a kernel component
is also responsible for this behavior.

-- 
You are receiving this mail because:
You are watching all bug changes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<http://lists.netfilter.org/pipermail/netfilter-buglog/attachments/20210212/bb55d65f/attachment.html>

netfilter buglog - Feb 2021 - [Bug 1501] New: issue with DNAT port range

[Bug 1501] New: issue with DNAT port range