>> -A POSTROUTING -s 192.168.0.64/26 -o eth1 -m multiport -p udp --dport 53,123 >> -j MASQUERADE >> -A POSTROUTING -s 192.168.0.64/26 -o eth1 -m multiport -p tcp --dport >> 22,80,119,443 -j MASQUERADE
> This config allows packets with private addresses to escape to eth1. Fix it. Granted. However, please note the rule immediately before the two you quoted and the source address of the packets in the tcpdump output. I did not do more fact-gathering because I had to get my immediate problem solved right away. Other hosts on the network had the same problem described in the upstream thread. Rebooting the 3.0 kernel solved the problem temporarily, and reverting to 2.6.39 stopped it completely. Someone else in the upstream thread with the same problem has since reported that it's fixed with the mentioned patches. I'm new to this--am I correct in assuming that that means the fix in the kernel that ships with Debian will come from upstream eventually? -- Troy -- To UNSUBSCRIBE, email to debian-kernel-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/capwawvidgbz18qnrypkzbwe8wxbuessxtfrxxzhspj17gcg...@mail.gmail.com
