Harald Welte wrote: > On Sun, Aug 07, 2005 at 05:18:06PM +0200, Harald Welte wrote: > >>The following trivial patch was confirmed to solve the problem. Patrick >>also has no objections, so please apply this to mainline. > > Please hold it back for another minute. I'm still puzzled by this > problem. I can neither reproduce it nor understand how the code could > end up in a state where it would try to do NAT on untracked connections.
The conntrack reference is manually attached to locally generated ICMP errors and icmp_reply_translation() doesn't check if NAT mappings have been set up but simply replaces IP/port by what is stored in the untracked conntrack entry, which is all 0's. - To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to [EMAIL PROTECTED] More majordomo info at http://vger.kernel.org/majordomo-info.html
