blob: 11b3f9d004e8b79808494ebb4f7b05e6b863b24c (plain
Known bugs with the 2.4.0 kernel:
1) NAT in the OUTPUT chain does not work in general. The fix is
intrusive, and means we will have a CONFIG_NF_IP_NAT_LOCAL option
when it comes back.
2) tcpdump traffic is corrupted by OUTPUT NAT.
3) Connection tracking doesn't wait very long for reply FIN, meaning
that half-closed pipes can time out early (seen frequently with squid).
4) iptables-restore and -save still have problems. Sorry.