On 22.10.2013 16:33, Pekka Pietikäinen wrote:
After a kernel update to 3.11 (feat. commit
...
and the 3-way handshake never finishes. Without -m socket (or with the
new --nowildcard) it does.
Bug, feature or end-user cluelessness? (no problem fixing my ruleset,
but it's still a behaviourial change :P )
I have to say, that there is something fishy in 3.11 netfilter.
nat-table MASQUERADE used to work, but doesn't anymore. I don't know if
it is generic to kernel, or Fedora Linux -specific, but I'd appreciate
if somebody could confirm that I'm right or wrong. On my box, I'm
running KVM and have bridged interfaces for KVM, but I did disable both
of them and MASQUERADE still fails.
My guess is that the problems you mention and I can observe in my box
are not common enough for people to notice.
Reference: https://bugzilla.redhat.com/show_bug.cgi?id=1016739
Regards,
Jari Turkia
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
