Just to make sure, I have compiled kernel 2.4.31 and also switched back to iptables 1.2.11. But nothing changed. Still the packets don't get SNAT-ed and there has been no hit on the SNAT rule for about an hour (packets are sent every ten seconds or so). This only applies to UDP packets.

Now I have noticed the same problem on another of my machines. Since it's not only me having problems, maybe it's some well-hidden bug in netfilter?

As a side note: both routers that are having this problem are diskless machines with root-over-NFS (mostly R/O). Could this be an issue?

Marek

On Tuesday 04 of October 2005 09:09, bernin_a@xxxxxxxxxxxxxxxxxxxxxxxxx wrote:
>
> Hi,
> > Hi all!
>
> > I have been having problems with this for some time now. Some packets are
> > not processed correctly by iptables. This applies only to the POSTROUTING
> > chain in the NAT table.
>
> I have almost the same problem here. Some packets don't seem to traverse
> the POSTROUTING chain of the nat table and don't get Snatted, but I can see
> them in the mangle table (POSTROUTING) chain. It is also UDP traffic, and I
> am sure that the NAT does not work 'cause I can see the not-natted
> traffic on another machine (where the packets get dropped by the firewall).
> I am also able to log this traffic in the POSTROUTING chain of table
> mangle; if I try to log them in POSTROUTING of the nat table, they don't
> get there. But this does not occur with all connections; some are natted
> correctly.
>
> --arne