diff options
| author | laforge <laforge> | 2002-07-23 13:44:41 +0000 |
|---|---|---|
| committer | laforge <laforge> | 2002-07-23 13:44:41 +0000 |
| commit | d0b04a271e3105ec77dfa444395f3bbafd5fccad (patch) | |
| tree | cef6ff78501a7907d02d342b6cda711f9135f2a9 /KNOWN_BUGS | |
| parent | 9487566036d110cfc8d23316744972a601fb3a2a (diff) | |
add hint about local-nat.patch to KNOWN_BUGS, make libipt_ecn work
Diffstat (limited to 'KNOWN_BUGS')
| -rw-r--r-- | KNOWN_BUGS | 10 |
1 files changed, 7 insertions, 3 deletions
@@ -1,10 +1,14 @@ Known bugs: -1) NAT in the OUTPUT chain does not work in stock kernels. However, - there is a patch in patch-o-matic, called the 'local-nat.patch'. - This patch adds a CONFIG_NF_IP_NAT_LOCAL kernel config option. +1) NAT in the OUTPUT chain only works since kernel 2.4.18. However, + there is a patch for previous kernels in patch-o-matic, called the + 'local-nat.patch'. This patch adds a CONFIG_NF_IP_NAT_LOCAL kernel config + option. 2) tcpdump traffic is corrupted by OUTPUT NAT. 3) Connection tracking doesn't wait very long for reply FIN, meaning that half-closed pipes can time out early (seen frequently with squid). + +4) When you use ip6tables packet mangling on IPv6 packets, the packet will + not be re-routed in case e.g. you insert a routing header. |