On Fri, Nov 18, 2005 at 12:07:59PM +0100, Jozsef Kadlecsik wrote:
> > > > I'm running kernel 2.6.8-2-k7 from Debian Stable, iptables v1.2.11.
> > > Try to upgrade to a newer kernel.
> > I guess I'd do this as a last resort. I'm trying to keep the system in
> > question on Debian Stable if possible. Is there reason to think a kernel
> > upgrade would just fix it?
> Just as a last resort. But the problem is so strange, I can't recall any
> patch related to such a behaviour.

I've finally managed to upgrade the kernel without hosing my RAID/LVM setup. Unfortunately, I still have the identical problem. I'm now using 2.6.14-2-k7 from Debian unstable.

Packets go from client to nat box, then nat to server, then back from server to nat box, but never then back to internal client. The connection is showing up as tracked in /proc/net/ip_conntrack.

Even if I force nat encapsulation by SNATing the packets to unprivileged ports, I get the same result (other than that the reply packets come back on whatever unprivileged port was selected).

Does anyone have any other ideas about how to troubleshoot this problem? I was really hoping the kernel upgrade would fix it, but unfortunately not.

--
Adam Rosi-Kessel
http://adam.rosi-kessel.org