-
Notifications
You must be signed in to change notification settings - Fork 271
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
rich masquerading: it works #10
Comments
Im wondering if the second rules is not mising |
The conntrack match for established and related is there already in the FORWARD chain and therefore not needed here. But it is lacking an additional "-m conntrack --ctstate NEW". I will push a new patch for verification. |
But on the other hand INVALID is also dropped early in the FORWARD chain (since 354dcab again), therefore the rule can only be hit by connections that are in NEW state. |
Fixed in 36ccd63 |
can we grab rich-masquerading-destination back to master ? |
thx ! merged, closing |
Just if i forget to catch you, @t-woerner
Using
Will ensure following changes in the tables
Im inspecting what the second rule grants really, but it seems fine.
The text was updated successfully, but these errors were encountered: