Re: 2.4.23 masquerading broken?

From: Patrick McHardy
Date: Tue Dec 02 2003 - 12:27:23 EST

Wilmer van der Gaast wrote:

For security reasons, I upgraded to 2.4.23 last night. Now, suddenly, IP
masquerading seems to be broken. When I use SNAT instead of
masquerading, everything works.

Unfortunately, I think it's hard to reproduce the problem. Right after
booting .23 for the first time, everything seemed to be okay. The
problems started just an hour ago, after having the server running for
fifteen hours without any problems.

Unfortunately there's not much more information I can provide. I can
attach my iptables/rule/route file and keep my machine running in case
anyone needs/wants more information. For now I'll just stick with SNAT.
It works good enough for me.

Can you check the ringbuffer for error messages ? What happens
to the packets when masquerading fails ?

Best regards,

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at
Please read the FAQ at