Displaying 20 results from an estimated 4000 matches similar to: "[Bug 693] SNAT is failing to maquerade some TCP RST packets"
2011 Dec 05
6
[Bug 693] SNAT is failing to maquerade some TCP RST packets
http://bugzilla.netfilter.org/show_bug.cgi?id=693
--- Comment #5 from www at applejelly.org 2011-12-05 01:26:07 ---
Created an attachment (id=370)
--> (http://bugzilla.netfilter.org/attachment.cgi?id=370)
A test case
SNAT fails to maquerade some TCP CWR, TCP ECN, TCP URG, TCP ACK, and TCP PSH
packets
--
Configure bugmail: http://bugzilla.netfilter.org/userprefs.cgi?tab=email
-------
2012 Dec 06
0
[Bug 693] SNAT is failing to maquerade some TCP RST packets
http://bugzilla.netfilter.org/show_bug.cgi?id=693
Jozsef Kadlecsik <kadlec at netfilter.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #11 from Jozsef Kadlecsik
2012 Jul 04
0
[Bug 693] SNAT is failing to maquerade some TCP RST packets
http://bugzilla.netfilter.org/show_bug.cgi?id=693
Myroslav Opyr <myroslav at quintagroup.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |myroslav at quintagroup.com
OS/Version|Ubuntu |All
--- Comment #10 from
2006 Nov 06
3
Ingress qdisc bypassed on SNAT''ed traffic?
Hello,
I am using the following iptables POSTROUTING rule to NAT some RFC
1918 addresses:
iptables -t nat -A POSTROUTING -s 192.168.19.23 !
192.168.0.0/255.255.0.0 -p tcp --dport 80 -j SNAT --to-source
10.32.4.2
(I am using SNAT instead of MASQUERADE for performance reasons).
I have several addresses on the 192.168.0.0/16 subnet that I am
SNAT''ing similarly.
Problem is, ''tc
2005 Nov 23
0
Source based routing, some TCP packets not SNAT-ed
Hello,
I have a problem with the following setup, I hope you can help me.
I have two internet gateways, one for LAN1 and the second for LAN2.
+--------------+
GW1 more eth0| |eth4(SNAT) GW2
---...routers...-----+ router +-----------------
| |
+---+------+---+
eth1|
2013 Oct 01
0
[Bug 755] change bugzilla account e-mail
https://bugzilla.netfilter.org/show_bug.cgi?id=755
David Davidson <david at commroom.net> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|FIXED |
--- Comment #3 from David Davidson <david at
2008 Feb 12
2
About NAT MAQUERADE
Hello everybody, ?'m want to create a maquerade for my lan in the firewall server I know i can use:
iptables -t nat -A POSTROUTING -o external-interface -j MASQUERADE
but I want to use this nat only for some IPs
How can i restrict the nat maswuerade for an IP or Ip range?
regards Roilan
______________________________________________
?Con Mascota por primera vez? S? un mejor
2006 Oct 10
1
flac improvement??
hello my name is Ludovico Ausiello, i'm a ph.d at the university of Bologna
and I've developped an open source alternative to proprietary philips
superAudioCD encoder (that actually cost some thousands dollars!) that has
better performance (it's seems strange.. but..) I'm interested to use the
flac encoder to compress the 1-bit stream that is the output of my encoder
(I start
2013 Jun 20
0
[Bug 751] IPv6 bridging bug
https://bugzilla.netfilter.org/show_bug.cgi?id=751
--- Comment #6 from David Davidson <david at commroom.net> 2013-06-21 00:45:53 CEST ---
Hi Phil:
I apologize for the delay. I wanted to test this on another kernel again but
haven't had a chance since your last post. I will say that I was going to test
a few months ago but with the last kernel I tested (I think it was from 2012),
I had
2003 Oct 17
5
Question on sNAT for multiple external subnets
I''m wondering if the following is possible under recent versions of
shorewall:
1. We have several class-C networks from both UUNet and Internap, both of
which are actually routed over a single inbound ethernet line from UUNet
at our colocation facility: 204.176.148.0/23 and 216.52.83.0/24. This
gives us a total of 3 class-C subnets. All packets for these three subnets
would land on
2011 Dec 05
0
[Bug 763] New: dnat and snat not changing port numbers on sctp packets
http://bugzilla.netfilter.org/show_bug.cgi?id=763
Summary: dnat and snat not changing port numbers on sctp packets
Product: netfilter/iptables
Version: linux-2.6.x
Platform: x86_64
OS/Version: RedHat Linux
Status: NEW
Severity: normal
Priority: P3
Component: NAT
AssignedTo: netfilter-buglog at
2008 Sep 05
1
Weird TCP problem
Last week, I started seeing very strange behavior in one of the networks
that I manage.
The office LAN uses a Linux firewall which masquerades their
workstations over their DSL connection. There are probably ~75
workstations in the office LAN.
Their mail server is in a collocated facility nearby. That server has
an RFC1918 address; its router does SNAT to forward packets to the system.
Both
2004 Apr 23
1
Proposed RST patch
Here's my proposed patch to change RST handling so that ESTABLISHED
connections are subject to strict RST checking, but connections in other
states are only subject to the "within the window" check. Part 2 of the
patch is simply a patch to netstat so that it displays the statistic.
As expected, it's very straightforward, the only real question is what to
call the statistic...
2018 Feb 15
2
[Bug 1227] New: Current conntrack state isn't considered when evaluating multiple SNAT rules
https://bugzilla.netfilter.org/show_bug.cgi?id=1227
Bug ID: 1227
Summary: Current conntrack state isn't considered when
evaluating multiple SNAT rules
Product: netfilter/iptables
Version: unspecified
Hardware: All
OS: other
Status: NEW
Severity: enhancement
Priority: P5
2020 Aug 04
0
[Bug 1448] New: SNAT/DNAT/Masquerading not working for UDPLite protocol
https://bugzilla.netfilter.org/show_bug.cgi?id=1448
Bug ID: 1448
Summary: SNAT/DNAT/Masquerading not working for UDPLite
protocol
Product: netfilter/iptables
Version: unspecified
Hardware: x86_64
OS: other
Status: NEW
Severity: normal
Priority: P5
Component: NAT
2004 Jan 15
2
Crypto API and Shorewall
A number of you are flailing around trying to get the subject combination to
work.
You should all be aware that there are parts of this that don''t currently work
and that won''t work well until there are enhancements made to Shorewall (and
probably to Netfilter).
I. There is no clean way currently to support Road Warriors from a
Masquerading Netfilter firewall/gateway. As
2013 Sep 11
8
[Bug 851] New: IPv6 SNAT target with --random doesn't work
https://bugzilla.netfilter.org/show_bug.cgi?id=851
Summary: IPv6 SNAT target with --random doesn't work
Product: netfilter/iptables
Version: unspecified
Platform: x86_64
OS/Version: All
Status: NEW
Severity: normal
Priority: P5
Component: NAT
AssignedTo: netfilter-buglog at lists.netfilter.org
2004 Sep 14
1
start error "invalid interface" on shorewall 2.08
I have a dsl modem and two static IP addresses: 66.17.65.22
and 66.17.65.161. I am using the standard configuration from
the Shorewall Setup Guide for multiple IP addresses and
modifications suggested by the Aliased Interfaces Guide.
I want to set up a shorewall 2.08 router for my home (Fedora
Core 2 / kernel 2.6.8-1.521). I want share an internet connection with some pc''son a local
2002 Oct 25
3
Neighbour table overflow
--kXdP64Ggrk/fb43R
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hello everyone,
I''m using Shorewall 1.2.12-1 on Debian 3.0, with the 2.4.17 kernel. I
am seeing some interesting log entries, and after reading the
documentation at Google and netfilter.org I have a couple questions.
To begin, here are the entries I am
2003 Feb 04
1
Totally SNAT confused :)
Hi !
I have setup a complete shorewall now with DMZ, and Private zones and
masq, rules, port-forwarding etc. worx like expected.
BUT
I have a wish to use a couple of more public IP''s and relate those to
inernal servers on the DMZ zone and i am now so confused about it. I have
searched this archive for SNAT port allow
Setup:
3 public adresses on the WAN nic. lets call them 80.80.80.80 -