Re: kernel 2.6 ipsec and DNAT

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Alexander Samad <alex@samad.com.au>
To: netfilter@lists.netfilter.org
Subject: Re: kernel 2.6 ipsec and DNAT
Date: Fri, 10 Sep 2004 16:59:29 +1000	[thread overview]
Message-ID: <20040910065929.GY6074@samad.com.au> (raw)
In-Reply-To: <20040910081322.1a2e843a@xenia.leun.net>

[-- Attachment #1: Type: text/plain, Size: 1312 bytes --]

On Fri, Sep 10, 2004 at 08:13:22AM +0200, Michael Leun wrote:
> Hello,
> 
> On Sat, 4 Sep 2004 08:31:15 +1000
> Alexander Samad <alex@samad.com.au> wrote:
> 
> > > The problem I am encountering now is that it seems that DNAT is not 
> > > working when the d-natted session is from a tunneled site. My settup
> > > is 
> [...]
> > > Is there any problem like this under the current 2.6.8 kernel ? Do
> > > you have any idea to try to bypass the problem ?
> 
> 
> > This is a known problem with netfilter and 2.6 and ipsec with the
> > native stack, there are fixs in pom-ng (Patch o matic), but this means
> > building your own kernel as it patches the kernel and the netfilter
> > modules.  Not to bad though, been doing this for a while and haven't
> > had any majour problems
> 
> But, as far as I know, the patches in pom-ng (even cvs) do not work
> since 2.6.7.

This might be the case as I haevn't looked at it since 2.6.7
> 
> I mailed the author of this patches (Patrick McHardy) and he told me two
> times he is going to fix this RSN(tm) - but unfortunately does seem to
> have not had time to do it yet.
> 
> Have I overlooked something, or is there indeed no working solution for
> 2.6.8? Has anybody fixed the patches?
> 
> -- 
> Bye,
> 
> Michael Leun
> 
> 
> 

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 189 bytes --]

next prev parent reply	other threads:[~2004-09-10  6:59 UTC|newest]

Thread overview: 8+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-09-03 17:01 kernel 2.6 ipsec and DNAT Alain RICHARD
2004-09-03 22:31 ` Alexander Samad
2004-09-10  6:13   ` Michael Leun
2004-09-10  6:59     ` Alexander Samad [this message]
  -- strict thread matches above, loose matches on Subject: below --
2004-09-13  9:48 Javier Sanchez
2004-09-13 10:29 ` Brent Clark
2004-09-13 10:32   ` Javier Sanchez
2004-09-16  5:25   ` Michael Leun

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20040910065929.GY6074@samad.com.au \
    --to=alex@samad.com.au \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.