Bug 113557 - iptables NAT (MASQ) not working right after upgrade from 2.4.20-20.7 to 2.4.20-28.7
iptables NAT (MASQ) not working right after upgrade from 2.4.20-20.7 to 2.4.2...
Product: Red Hat Linux
Classification: Retired
Component: kernel (Show other bugs)
i686 Linux
high Severity high
: ---
: ---
Assigned To: Arjan van de Ven
Brian Brock
Depends On:
  Show dependency treegraph
Reported: 2004-01-15 05:21 EST by Jan Koop
Modified: 2005-10-31 17:00 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2004-09-30 11:41:47 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

  None (edit)
Description Jan Koop 2004-01-15 05:21:40 EST
Description of problem:
After upgrading the kernel from 2.4.20-20.7 to 2.4.20-28.7 the iptables 
MASQUERADE target in the POSTROUTING chain (nat table) stopped working, if an 
output interface is specified.

Version-Release number of selected component (if applicable):
kernel-2.4.20-28.7 iptables-1.2.8-8.72.3

How reproducible:

Steps to Reproduce:
0. assumed your local network is and that should be SNATted to the 
address of eth1
1. 'iptables -t nat -I POSTROUTING -s -j MASQUERADE' *works*
2. 'iptables -t nat -D POSTROUTING 1' *delete rule from step 1*
3. 'iptables -t nat -I POSTROUTING -s -o eth1 -j MASQUERADE' 
*does not work*
Actual results:
un-NAT-ted packets (with private IP source addresses) go out on eth1 (public 

Expected results:
Source NAT to IP address of eth1

Additional info:
The error occurred after upgrading the kernel via rhn, the configuration that worked 
with the "old" kernel was NOT changed.
Comment 1 Bugzilla owner 2004-09-30 11:41:47 EDT
Thanks for the bug report. However, Red Hat no longer maintains this version of
the product. Please upgrade to the latest version and open a new bug if the problem

The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, 
and if you believe this bug is interesting to them, please report the problem in
the bug tracker at: http://bugzilla.fedora.us/

Note You need to log in before you can comment on or make changes to this bug.