* [PATCH] doc: Add a note about route_localnet sysctl
[not found] <CGME20250821103902eucas1p106756dd599b2e77f0fdd468d694e94f0@eucas1p1.samsung.com>
@ 2025-08-21 10:38 ` Łukasz Stelmach
2025-08-21 14:22 ` Florian Westphal
0 siblings, 1 reply; 2+ messages in thread
From: Łukasz Stelmach @ 2025-08-21 10:38 UTC (permalink / raw)
To: netfilter-devel; +Cc: Marek Szyprowski, Łukasz Stelmach
See ip_route_input_slow() in net/ipv4/route.c in the Linux
kernel sources.
Signed-off-by: Łukasz Stelmach <l.stelmach@samsung.com>
---
doc/statements.txt | 5 +++++
1 file changed, 5 insertions(+)
diff --git doc/statements.txt doc/statements.txt
index 4aeb0a73..6226713b 100644
--- doc/statements.txt
+++ doc/statements.txt
@@ -459,6 +459,11 @@ netfilter and therefore no reverse translation will take place.
The optional *prefix* keyword allows to map *n* source addresses to *n*
destination addresses. See 'Advanced NAT examples' below.
+If the 'address' for *dnat* is an IPv4 loopback address
+(i.e. 127.0.0.0/8) the "net.ipv4.conf.*.route_localnet" sysctl for the
+input interface needs to be set to 1. Otherwise packets will be
+dropped by the routing code as "martians".
+
.NAT statement values
[options="header"]
|==================
--
2.39.5
^ permalink raw reply related [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-08-21 14:22 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <CGME20250821103902eucas1p106756dd599b2e77f0fdd468d694e94f0@eucas1p1.samsung.com>
2025-08-21 10:38 ` [PATCH] doc: Add a note about route_localnet sysctl Łukasz Stelmach
2025-08-21 14:22 ` Florian Westphal
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.