linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Neal Stephenson <neal@bakerst.org>
To: linux-kernel@vger.kernel.org
Subject: Re: 2.4.23 masquerading broken? key.oif = 0;
Date: Tue, 09 Dec 2003 20:51:09 -0500	[thread overview]
Message-ID: <1071021069.16543.14.camel@moran.bakerst.org> (raw)

Hi,
	I have this problem with 2.4.23. It is new problem, my setup was
working fine on 2.4.22 and 2.4.22-ac4. I tried the patch of moving
key.oif=0 without success. The problem occurs as soon as the machine
comes up.

	I use the iproute tools with rules and tables and mark packets with
iptables so that port 80 traffic goes out through ppp0 rather than the
default eth1. ppp0 has another iptable rule that masquerades everything.
I see the packet enter through eth0 and it never reaches another
interface, at least as far as I can tell with tcpdump. A brief
description of my network is eth0 is my local network, ppp0 is my
personal high speed, and eth1 is my permanent DSL connection. 


	I can send my .config or routing tablef if wanted. The brief is

CONFIG_IP_ADVANCED_ROUTER=y
CONFIG_IP_MULTIPLE_TABLES=y
CONFIG_IP_ROUTE_FWMARK=y
CONFIG_IP_ROUTE_NAT=y

	along with ip netfilter essentially all modules. Some relevant iptable
and ip commands

iptables -t mangle -A PREROUTING --protocol tcp --destination-port 80 -j
MARK --set-mark 0x932
iptables -t nat -A POSTROUTING -o ppp0 -j MASQUERADE

ip rule add pri 424 iif eth0 fwmark 0x932 table symp

	and this is what shows up in dmesg

MASQUERADE: Route sent us somewhere else.

	Any suggestions appreciated,

		Neal


             reply	other threads:[~2003-12-10  1:51 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2003-12-10  1:51 Neal Stephenson [this message]
2003-12-10 10:04 ` 2.4.23 masquerading broken? key.oif = 0; Martin Josefsson
2003-12-11 13:16   ` Neal Stephenson

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1071021069.16543.14.camel@moran.bakerst.org \
    --to=neal@bakerst.org \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).