> Just to make sure, i have compiled kernel 2.4.31 and also switched back to > > 1.2.11 iptables. But nothing changed. Still the packets don't get SNAT-ed > and > there has been no hit on SNAT rule for about an hour (packets are sent ever > y ten seconds or so). This only applies to UDP packets. > > Now i have noticed the same problem on another of my machines. Since its not > only me having problems, maybe its some well-hidden bug in the netfilter? > If so, it has been there for quite a while. I am using kernel 2.4.27 (with grsecurity patches)... It seems there is only a problem with UDP here, too... Are your machines under heavy load ? We have a constant rate of at least 5 mbit running over this machines...they are not very busy, though. > As a side note: both routers that are having this problem are diskless > machines with root-over-nfs (mostly R/O) could this be any issue? > i don't even have nfs compiled in ;-) > Marek > > --arne _________________________________________________ Versendet über Webmail der HAW Hamburg http://www.haw-hamburg.de/webmail
