You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
After miniupnpd-1.9.20160222, each DNAT rule also will add MASQUERADE rule to MINIPNPD-POSTROUTING chain. This is big fat overhead, MASQUERADE rule needed for different ports only.
Please add condition to netfilter/iptcrdr.c, func "add_redirect_rule2":
#ifdef ENABLE_PORT_TRIGGERING
+ if (eport == iport)
+ return r;
/* TODO : check if this should be done only with UDP */
r = addmasqueraderule(proto, eport, iaddr, iport, rhost/*, ifname*/);
if(r < 0) {
syslog(LOG_NOTICE, "add_redirect_rule2(): addmasqueraderule returned %d", r);
}
#endif /* ENABLE_PORT_TRIGGERING */
The text was updated successfully, but these errors were encountered:
The default behavior is to alter the connection as little as possible, within the constraints of the rule given by the user. This means we won't remap ports unless we have to.
MASQUERADE rule with is equal ports is really overhead, because POSTROUTING chain always have SNAT or MASQUERADE rule for entire LAN subnet. All outgoing traffic to WAN will be SNAT-ed.
have you an opinion on
Unfortunately I do not have Xbox One for testing. Theoretically, POSTROUTING rule with MASQUERADE ports is need only if there was no incoming traffic for DNAT-ed rule.
Source thread:
http://miniupnp.tuxfamily.org/forum/viewtopic.php?t=1820&postdays=0&postorder=asc&start=0
After miniupnpd-1.9.20160222, each DNAT rule also will add MASQUERADE rule to MINIPNPD-POSTROUTING chain. This is big fat overhead, MASQUERADE rule needed for different ports only.
Please add condition to netfilter/iptcrdr.c, func "add_redirect_rule2":
The text was updated successfully, but these errors were encountered: