Hi Stephen, On 4/13/05, Stephen Beck <becks@xxxxxxxxxxxx> wrote: > > can anyone get me on to the next step: > Unfortionately, "fast nat" is broken on 2.6 kernels, due to the ipsec code that went in. It should actually be removed. Apparently, even RH 2.4 kernels with the ipsec code are broken: https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=126611 See also: http://mailman.ds9a.nl/pipermail/lartc/2004q4/014307.html And the thread at: http://marc.theaimsgroup.com/?l=linux-netdev&m=109582576330019&w=2 So I guess you're better off trying something like the NETMAP target in iptables. Regards, Filip
