Re: iptables - Trying to understand "no longer support implicit source local NAT"

Hello,

Data Shock wrote:

> It is unfortunate that nobody seems to know why this message is there,
> or really what it means.

It is just a warning and reminder. As you saw, it would occur at most once after the DNAT module is loaded. So I do not understand why there is so much complaining about a message happening mostly once per boot at most.

In 2.4 kernels and 2.6 kernels older than 2.6.11, the DNAT target used to implicitly change the source address to reflect the new output interface. Kernels 2.6.11 and above do not do it any more, possibly causing a loss of connectivity in some special cases. This is the reason for this message, giving the opportunity to add an explicit SNAT rule when required. The given reason for removing explicit source NAT is that the submitter believed it was not strictly necessary.

The REDIRECT target never changed the source address, so it does not produce the message.

Note that it should not be necessary to explicitly change the source address with a SNAT rule anyway. Don't you have too restrictive filtering rules on the loopback interface?
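To review a ruleset for the case the message above describes, the following added example (not part of the original post or of netfilter) scans `iptables-save` output for DNAT rules in the nat OUTPUT chain whose new destination has no explicit SNAT or MASQUERADE rule in POSTROUTING. The sample ruleset, addresses and function names are constructed for illustration, and matching is by destination address only, so a broad SNAT rule without `-d` is not recognised as covering a target.

```shell
#!/bin/sh
# Added example: audit an iptables-save dump for locally generated DNAT
# (nat OUTPUT chain) whose rewritten destination has no explicit
# SNAT/MASQUERADE rule in POSTROUTING. Assumption: match by -d address only.

# Constructed sample ruleset (documentation addresses, hypothetical hosts).
sample_ruleset() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A OUTPUT -d 192.0.2.10/32 -p tcp -m tcp --dport 80 -j DNAT --to-destination 10.0.0.5:8080
-A OUTPUT -d 192.0.2.20/32 -p tcp -m tcp --dport 25 -j DNAT --to-destination 10.0.1.7
-A OUTPUT -d 192.0.2.30/32 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 3128
-A POSTROUTING -d 10.0.0.5/32 -o eth1 -j SNAT --to-source 10.0.0.1
COMMIT
EOF
}

# Reads iptables-save text on stdin; prints each OUTPUT DNAT target address
# that no POSTROUTING SNAT/MASQUERADE rule names in its -d match.
# REDIRECT rules are skipped: that target never changed the source address.
find_uncovered_dnat() {
    awk '
    function opt(name,   i) {            # value following option "name"
        for (i = 1; i < NF; i++) if ($i == name) return $(i + 1)
        return ""
    }
    function addr(v) {                   # strip /mask and :port
        sub(/\/.*/, "", v); sub(/:.*/, "", v); return v
    }
    $1 == "-A" && $2 == "OUTPUT" && opt("-j") == "DNAT" {
        dnat[addr(opt("--to-destination"))] = 1
    }
    $1 == "-A" && $2 == "POSTROUTING" &&
    (opt("-j") == "SNAT" || opt("-j") == "MASQUERADE") {
        covered[addr(opt("-d"))] = 1
    }
    END {
        for (a in dnat) if (!(a in covered)) print a
    }' | sort
}

sample_ruleset | find_uncovered_dnat
```

On a live host, feed it the real ruleset with `iptables-save -t nat | find_uncovered_dnat`; each address printed is a candidate to check for connectivity before deciding whether an explicit SNAT rule is needed.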