Description of Problem:
Simply booting, when there are no iptables rules and policies are all ACCEPT, if I issue this command:

    iptables -t nat -A PREROUTING -j DNAT -i eth0 -p tcp -d x.x.x.x --dport 80 --to 192.168.2.2:80

with x.x.x.x a valid address, and then if I try to access port 80 from another computer:

    telnet x.x.x.x 80

I get the Linux box with the iptables rule issued completely frozen... I tried with the new kernel rpm (2.4.3-12) and all works fine.

How Reproducible:
Every time

Steps to Reproduce:
1. Boot with no iptables (or ipchains)
2. iptables -t nat -A PREROUTING -j DNAT -i eth0 -p tcp -d x.x.x.x --dport 80 --to 192.168.2.2:80
3. From another box: telnet x.x.x.x 80

Actual Results:
Get kernel panic error and system freezes

Expected Results:
With telnet x.x.x.x 80 I should be able to connect to the 192.168.2.2 box on port 80

Additional Information:
I use 3 ethernet cards. I updated to kernel-2.4.3-12 and now all works fine.

2.4.2-2 had a buggy and exploitable iptables. We put out a security advisory about that pretty soon after 2.4.2-2 was released. 2.4.3-12 should have that fixed, and you confirm that (unless I misunderstood you, in which case please reopen this bug).