On Sun, Aug 07, 2005 at 05:18:06PM +0200, Harald Welte wrote: > Hi Dave! > > The following trivial patch was confirmed to solve the problem. Patrick > also has no objections, so please apply this to mainline.
Please hold it back for another minute. I'm still puzzled by this problem. I can neither reproduce it nor understand how the code could end up in a state where it would try to do NAT on untracked connections. Vladimir: Can you please send me the output of "iptables -t raw -L -vn" are you sure the locally-generated ICMP errors in OUTPUT are matched by your NOTRACK rules? -- - Harald Welte <[EMAIL PROTECTED]> http://gnumonks.org/ ============================================================================ "Privacy in residential applications is a desirable marketing option." (ETSI EN 300 175-7 Ch. A6)
pgpTS2DdcCwUJ.pgp
Description: PGP signature
