The netfilter NAT core cannot deal with more than one NAT hook
per hook location (prerouting, input ...), because the NAT hooks install
a NAT null binding in case the iptables nat table (iptable_nat hooks)
or the corresponding nftables chain (nft nat hooks) doesn't specify a nat
transformation.
C
The commit is pushed to "branch-rh7-3.10.0-1160.11.1.vz7.172.x-ovz" and will
appear at https://src.openvz.org/scm/ovz/vzkernel.git
after rh7-3.10.0-1160.11.1.vz7.172.5
-->
commit bd3f66019d759e8d366bee23679092c7cd30f5ae
Author: Vasily Averin
Date: Mon Dec 28 09:52:43 2020 +0300
nat: al
On 12/28/2020 09:46 AM, Vasily Averin wrote:
The netfilter NAT core cannot deal with more than one NAT hook
per hook location (prerouting, input ...), because the NAT hooks install
a NAT null binding in case the iptables nat table (iptable_nat hooks)
or the corresponding nftables chain (nft nat h
