Displaying 20 results from an estimated 2000 matches similar to: "[Bug 1428] New: Unable to dnat to port without defining destination address in inet table"
2016 Jun 07
5
[Bug 1073] New: inet-service vs icmp conflict
https://bugzilla.netfilter.org/show_bug.cgi?id=1073
Bug ID: 1073
Summary: inet-service vs icmp conflict
Product: nftables
Version: unspecified
Hardware: x86_64
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
Reporter:
2013 May 04
0
[Bug 514] Making DNAT --to-destination resolve service named of port
https://bugzilla.netfilter.org/show_bug.cgi?id=514
Richard Clark <richardc at cybrick.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
CC| |richardc at cybrick.com
Resolution|DUPLICATE
2012 Sep 24
4
Overriding variables.
I am trying to override variables in a class that is defined in the default
node profile. I want parent class to be included in every single node, but
override its variables in others. I have tried it several different ways
now, and every single time the variables either become unset (undefined) or
are set to the value of the first if statement.
Here is my current iteration of failure.
2008 Nov 13
1
Need destination zone with DNAT- in shorewall-perl 4.2.1?
On September 5, Tom wrote:
> In Shorewall 4.2, you can leave the ''loc:'' out of the DNAT- rule.
I tried that just now (shorewall-perl 4.2.1), and I got an error:
Checking...
WARNING: Destination zone (172.29.0.29) ignored : /etc/shorewall/rules
(line 38)
ERROR: Unknown Host (0.0.0.0/0) : /etc/shorewall/rules (line 38)
where 172.29.0.29 is the destination address on
2006 Sep 19
0
[Bug 514] New: Making DNAT --to-destination resolve service named of port
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=514
Summary: Making DNAT --to-destination resolve service named of
port
Product: netfilter/iptables
Version: linux-2.6.x
Platform: All
OS/Version: All
Status: NEW
Severity: enhancement
Priority: P2
Component: ip_tables (kernel)
2017 Oct 12
0
[ANNOUNCE] nftables 0.8 release
Hi!
The Netfilter project proudly presents:
nftables 0.8
This release contains new features available up to the (upcoming)
Linux 4.14 kernel release:
* Support for stateful objects, these objects are uniquely identified by
a user-defined name, you can refer to them from rules, and there is a
well established interface to operate with them, eg.
# nft add counter filter test
2013 Sep 10
4
[Bug 850] New: DNAT applied even after deleting the IP Tables DNAT Rule
https://bugzilla.netfilter.org/show_bug.cgi?id=850
Summary: DNAT applied even after deleting the IP Tables DNAT
Rule
Product: iptables
Version: 1.4.x
Platform: All
OS/Version: All
Status: NEW
Severity: major
Priority: P5
Component: iptables
AssignedTo: netfilter-buglog at
2013 Aug 27
0
[Bug 514] Making DNAT --to-destination resolve service named of port
https://bugzilla.netfilter.org/show_bug.cgi?id=514
Phil Oester <netfilter at linuxace.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
AssignedTo|laforge at netfilter.org |netfilter-buglog at lists.netf
| |ilter.org
--
Configure
2005 Jun 22
0
Issue migrating from 1.4.6c to 2.4.0 with all zone in DNAT rule
Hi all,
net : internet zone
dmz : DMZ zone
Lan : local network zone
in 1.4.6c this rule :
DNAT all lan:10.0.0.1 tcp http - 192.0.0.1
does generate the following iptables rules in nat table :
Chain OUTPOUT
DNAT tcp -- 0.0.0.0/0 192.0.0.1 tcp dpt:http to:10.0.0.1
Chain net_dnat
DNAT tcp -- 0.0.0.0/0 192.0.0.1 tcp dpt:http to:10.0.0.1
Chain dmz_dnat
2005 Jun 01
0
SNAT (or MASQUERADING) and DNAT question
Hi,
The private adresses (192.168.254.0/255.255.255.0) of my network are sent
dynamically by dhcp on my network. The dhcp server is on the firewall which
address is 192.168.254.1/255.255.255.255 (this address is static).
I''ve got a rsync server on this network which is on a separe server. His
address is 192.168.254.200/255.255.255.255 (this address is static).
I want that the users
2006 Apr 14
0
[Bug 471] New: UDP stream DNAT problem
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=471
Summary: UDP stream DNAT problem
Product: netfilter/iptables
Version: linux-2.6.x
Platform: All
OS/Version: All
Status: NEW
Severity: normal
Priority: P2
Component: NAT
AssignedTo: laforge@netfilter.org
ReportedBy:
2004 Sep 10
1
Is ProxyARP or NAT entries really neccesary for DNAT to work?
I have been trying to get DNAT to work and I actually have succeeded
too, however, not how I thought it would work when reading through the
documentation.
1. No matter what I do I cannot get DNAT to work unless I have an entry
in eiter the nat or the proxyarp file. Is that really how it''s supposed
to be? I can''t find anything about it in the documentation.
2. Also, in the
2020 Apr 18
4
[Bug 1423] New: iptables-translate silently discards --ctstate DNAT
https://bugzilla.netfilter.org/show_bug.cgi?id=1423
Bug ID: 1423
Summary: iptables-translate silently discards --ctstate DNAT
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P5
Component: iptables over nftable
2005 Apr 27
1
Problems with DNAT
Hi, i''m a shorewall users and i have the following problem:
I have one class C range of IP''s and i have three zones (net, dmz , loc)
I need create one rule to dnat one valid ip address (but not in use in
one computer) to one invalid host in my loc zone.
How i do?
I try this:
DNAT net:200.200.200.200 dmz:200.193.137.38 tcp
137,138,139,445 -
2013 Sep 19
0
DNAT from external to a internal device which doesn't have default gateway
I need to access externally (via Internet) one device in internal network
which has no default gateway configured.
As the device doesn''t have default gateway, the response to SYN (ie,
SYN/ACK) don''t come back to Internet.
What I need is a setup to make this connection appears to come from
firewall''s internal IP address instead of the public IP of originating
requester
2016 Mar 08
2
[Bug 1056] New: nft: Syntax error with dnat as ct state
https://bugzilla.netfilter.org/show_bug.cgi?id=1056
Bug ID: 1056
Summary: nft: Syntax error with dnat as ct state
Product: nftables
Version: unspecified
Hardware: All
OS: All
Status: NEW
Severity: normal
Priority: P5
Component: nft
Assignee: pablo at netfilter.org
2017 Jun 29
1
[Bug 1160] New: dnat ip address not shown in nft list output when using port value
https://bugzilla.netfilter.org/show_bug.cgi?id=1160
Bug ID: 1160
Summary: dnat ip address not shown in nft list output when
using port value
Product: nftables
Version: unspecified
Hardware: x86_64
OS: Fedora
Status: NEW
Severity: normal
Priority: P5
Component: nft
2004 Jan 21
3
FW: DNAT and masq problem with kernel 2.4.23
Hi,
after kernel upgrade to 2.4.23 my existing configuration of shorewal 1.4.8
will not start / it fail on DNAT and/or masq with message: "iptables:
Invalid argument" /
I founded some similar problems description - see links bellow, but there is
no solution how to get work shorewall with DNAT and masq with 2.4.23 kernel.
http://www.ussg.iu.edu/hypermail/linux/kernel/0312.0/0268.html
2006 Feb 21
1
[Bug 452] New: DNAT to internal network don't work with source routing and 2 uplinks
https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=452
Summary: DNAT to internal network don't work with source routing
and 2 uplinks
Product: netfilter/iptables
Version: linux-2.6.x
Platform: i386
OS/Version: Debian GNU/Linux
Status: NEW
Severity: normal
Priority: P2
2004 Jun 06
0
DNAT question
Hi
This is an odd question. But here it is. I have two hosts both with two
nicks physically in two different countries. One host I have DNAT set up on
such that all traffic is forwarded to the second host.
iptables -t nat -A PREROUTING -d 0.0.0.0 -j DNAT --to-destination
second_host_ip
But what I am trying to imagine is how can I get the second host to un-DNAT
the traffic from the