Bug 113557 - iptables NAT (MASQ) not working right after upgrade from 2.4.20-20.7 to 2.4.20-28.7
Summary: iptables NAT (MASQ) not working right after upgrade from 2.4.20-20.7 to 2.4.2...
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: kernel   
(Show other bugs)
Version: 7.3
Hardware: i686
OS: Linux
Target Milestone: ---
Assignee: Arjan van de Ven
QA Contact: Brian Brock
Depends On:
TreeView+ depends on / blocked
Reported: 2004-01-15 10:21 UTC by Jan Koop
Modified: 2005-10-31 22:00 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-09-30 15:41:47 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Jan Koop 2004-01-15 10:21:40 UTC
Description of problem:
After upgrading the kernel from 2.4.20-20.7 to 2.4.20-28.7 the iptables 
MASQUERADE target in the POSTROUTING chain (nat table) stopped working, if an 
output interface is specified.

Version-Release number of selected component (if applicable):
kernel-2.4.20-28.7 iptables-1.2.8-8.72.3

How reproducible:

Steps to Reproduce:
0. assumed your local network is and that should be SNATted to the 
address of eth1
1. 'iptables -t nat -I POSTROUTING -s -j MASQUERADE' *works*
2. 'iptables -t nat -D POSTROUTING 1' *delete rule from step 1*
3. 'iptables -t nat -I POSTROUTING -s -o eth1 -j MASQUERADE' 
*does not work*
Actual results:
un-NAT-ted packets (with private IP source addresses) go out on eth1 (public 

Expected results:
Source NAT to IP address of eth1

Additional info:
The error occurred after upgrading the kernel via rhn, the configuration that worked 
with the "old" kernel was NOT changed.

Comment 1 Bugzilla owner 2004-09-30 15:41:47 UTC
Thanks for the bug report. However, Red Hat no longer maintains this version of
the product. Please upgrade to the latest version and open a new bug if the problem

The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, 
and if you believe this bug is interesting to them, please report the problem in
the bug tracker at: http://bugzilla.fedora.us/

Note You need to log in before you can comment on or make changes to this bug.