J.A. Magallon wrote:
> And I also get this on syslog:
>
> Sep 11 02:56:58 werewolf kernel: MASQUERADE: eth0 ate my IP address
> Sep 11 02:56:58 werewolf kernel: MASQUERADE: eth0 ate my IP address
Thanks, I'm pretty sure its caused by this patch. The problem is that
pump uses a regular UDP socket (some other dhcp clients use AF_PACKET
sockets), and packet sent by it are also handled by iptables. The
MASQUERADE rule can't find a local IP address and drops the packet.
I'm not sure how to fix it yet, reverting the patch is not a good
option.
[NETFILTER]: Don't exclude local packets from MASQUERADING
Increases consistency in source-address selection.
Signed-off-by: Patrick McHardy <[email protected]>
Signed-off-by: David S. Miller <[email protected]>
---
commit 9baa5c67ff4ce57b6b9f68c90714a1bb876fccd7
tree 27f2c48e12e1bb5e3e6d5f8320651c213892ed20
parent fb13ab2849074244a51ae5147483610529a29ced
author Patrick McHardy <[email protected]> Sun, 14 Aug 2005 17:32:50 -0700
committer David S. Miller <[email protected]> Mon, 29 Aug 2005 15:58:36 -0700
net/ipv4/netfilter/ipt_MASQUERADE.c | 5 -----
1 files changed, 0 insertions(+), 5 deletions(-)
diff --git a/net/ipv4/netfilter/ipt_MASQUERADE.c b/net/ipv4/netfilter/ipt_MASQUERADE.c
--- a/net/ipv4/netfilter/ipt_MASQUERADE.c
+++ b/net/ipv4/netfilter/ipt_MASQUERADE.c
@@ -86,11 +86,6 @@ masquerade_target(struct sk_buff **pskb,
IP_NF_ASSERT(hooknum == NF_IP_POST_ROUTING);
- /* FIXME: For the moment, don't do local packets, breaks
- testsuite for 2.3.49 --RR */
- if ((*pskb)->sk)
- return NF_ACCEPT;
-
ct = ip_conntrack_get(*pskb, &ctinfo);
IP_NF_ASSERT(ct && (ctinfo == IP_CT_NEW || ctinfo == IP_CT_RELATED
|| ctinfo == IP_CT_RELATED + IP_CT_IS_REPLY));
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
| |
 |