On Tue, Sep 23, 2003 at 06:25:40PM +0200, Wim Ceulemans wrote: > If I switch CONFIG_IP_NF_NAT_LOCAL off, the forwarding to a pptp server > behind the firewall works. > If switch it on, I don't see any gre packet behind the firewall, so it > does not work. > > However, with CONFIG_IP_NF_NAT_LOCAL on I have had two freezes (firewall > completely stuck and I had to switch it on and off). So to summarize: It works perfectly of it is OFF, but you have problems with DNAT and crashes, if it is ON. That is surprising - it seems like the problems have just been reverting :( Did you do anything in particular when the firewall hang happened? (like unloading/loading a module, ...)? > Regards > Wim -- - Harald Welte <laforge@xxxxxxxxxxxxx> http://www.netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie
Attachment:
pgp00560.pgp
Description: PGP signature
