Since the last update, i have several problems with iptables. I have a firewall with several nics built-in. -> i have forwarding enabled (/proc/sys/net/ipv4/ip_forward = 1) -> i have no further forwarding rule in iptables, except the default one -> i inserted source-nat-rules on the outgoing devices -> with squid, i use the transparent-proxying-script -> that script redirects all queries on port 80 to port 3128 (where squid is listen on) -> for the inner lan, the nic is trusted so, since the last update, no forwarding, except passing through squid (web only), and only if i configure firefox with the proxy-settings. No redirection from outgoing port 80 to 3128 is done by iptables. It also seems, that masquerading does no longer work on the outgoing interfaces. Are there known issues about iptables or the last kernel? Thanks for your help. Roger ---- i was fiddling a little bit yesterday, and i inserted in /etc/sysconfig (which isn't a real lucky solution) in lines 3 and 4 forwarding information: -A FORWARD -i eth0 -j ACCEPT -A FORWARD -i tun0 -j ACCEPT and since then, checking with iptables -L -v i see, that those forwarding rules are counting packets. What is not counting packets at all is SNAT in the nat table. Is there an error within iptables? I use the following rules: /sbin/iptables -A POSTROUTING -t nat -o eth0 -j SNAT --to-source x.y.z.c i use this 4 times for all my several subnets, and this has been working perfect until the last upgrade :( Did i miss something? Thanks in advance, Roger -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list