On Tuesday 04 of October 2005 13:25, bernin_a@xxxxxxxxxxxxxxxxxxxxxxxxx wrote: > > Just to make sure, i have compiled kernel 2.4.31 and also switched back > > to > > > > 1.2.11 iptables. But nothing changed. Still the packets don't get SNAT-ed > > and > > there has been no hit on SNAT rule for about an hour (packets are sent > > ever y ten seconds or so). This only applies to UDP packets. > > > > Now i have noticed the same problem on another of my machines. Since its > > not only me having problems, maybe its some well-hidden bug in the > > netfilter? > > If so, it has been there for quite a while. I am using kernel 2.4.27 (with > grsecurity patches)... It seems there is only a problem with UDP here, > too... Are your machines under heavy load ? We have a constant rate of at > least 5 mbit running over this machines...they are not very busy, though. > no, there is no heavy load - 2Mb max - its my local router at home connected to small community network. Since there is no obvious solution, I have reported this as bug to netfilter bugzilla. We'll see what they say. Marek
