Debian Bug report logs - #425462
NAT prerouting over tun interface broken

version graph

Package: linux-2.6; Maintainer for linux-2.6 is Debian Kernel Team <debian-kernel@lists.debian.org>;

Reported by: Frans Pop <elendil@planet.nl>

Date: Mon, 21 May 2007 20:39:01 UTC

Severity: normal

Tags: upstream

Found in version 2.6.21-2

Fixed in version 2.6.24-1

Done: maximilian attems <max@stro.at>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Kernel Team <debian-kernel@lists.debian.org>:
Bug#425462; Package linux-2.6. Full text and rfc822 format available.

Acknowledgement sent to Frans Pop <elendil@planet.nl>:
New Bug report received and forwarded. Copy sent to Debian Kernel Team <debian-kernel@lists.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Frans Pop <elendil@planet.nl>
To: BTS submit <submit@bugs.debian.org>
Subject: NAT prerouting over tun interface broken
Date: Mon, 21 May 2007 22:36:21 +0200
[Message part 1 (text/plain, inline)]
Package: linux-2.6
Version: 2.6.21-2
Tags: upstream
Forwarded: http://bugzilla.kernel.org/show_bug.cgi?id=8519

My hercules s/390 emulator no longer receives packets sent from other 
boxes to the external IP address it has on the host system. It appears 
that iptables prerouting is broken somehow.

For details, see upstream BR.

-- Package-specific info:
** Version: Linux version 2.6.21-1-amd64 (Debian 2.6.21-2) 
(waldi@debian.org) (gcc version 4.1.3 20070514 (prerelease) (Debian 
4.1.2-7)) #1 SMP Fri May 18 23:28:21 CEST 2007

** Not tainted

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.21-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Kernel Team <debian-kernel@lists.debian.org>:
Bug#425462; Package linux-2.6. Full text and rfc822 format available.

Acknowledgement sent to Frans Pop <elendil@planet.nl>:
Extra info received and forwarded to list. Copy sent to Debian Kernel Team <debian-kernel@lists.debian.org>. Full text and rfc822 format available.

Message #10 received at 425462@bugs.debian.org (full text, mbox):

From: Frans Pop <elendil@planet.nl>
To: 425462@bugs.debian.org
Cc: procps@packages.debian.org
Subject: Re: Bug#425462: NAT prerouting over tun interface broken
Date: Mon, 28 May 2007 11:11:40 +0200
[Message part 1 (text/plain, inline)]
(CC maintainer of procps as a heads-up)

On Monday 21 May 2007 22:36, Frans Pop wrote:
> My hercules s/390 emulator no longer receives packets sent from other
> boxes to the external IP address it has on the host system. It appears
> that iptables prerouting is broken somehow.

Update on this issue (more details in upstream BR).

The cause of the change in behavior has been traced to the following 
upstream commit: 8030f54499925d073a88c09f30d5d844fb1b3190

Somehow this causes default ipv4 settings defined in /etc/sysctl.conf to 
no longer be applied to eth0.

In my /etc/sysctl.conf I have:
net.ipv4.conf.default.rp_filter=1
net.ipv4.conf.default.forwarding=1

But after booting with a kernel with that change, these values are no 
longer applied for eth0:
$ cat /proc/sys/net/ipv4/conf/eth0/rp_filter:
0
$ cat /proc/sys/net/ipv4/conf/eth0/forwarding:
0
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Kernel Team <debian-kernel@lists.debian.org>:
Bug#425462; Package linux-2.6. Full text and rfc822 format available.

Acknowledgement sent to Frans Pop <elendil@planet.nl>:
Extra info received and forwarded to list. Copy sent to Debian Kernel Team <debian-kernel@lists.debian.org>. Full text and rfc822 format available.

Message #15 received at 425462@bugs.debian.org (full text, mbox):

From: Frans Pop <elendil@planet.nl>
To: 425462@bugs.debian.org
Cc: procps@packages.debian.org
Subject: Re: Bug#425462: NAT prerouting over tun interface broken
Date: Mon, 28 May 2007 13:05:41 +0200
[Message part 1 (text/plain, inline)]
On Monday 28 May 2007 11:11, Frans Pop wrote:
> Somehow this causes default ipv4 settings defined in /etc/sysctl.conf
> to no longer be applied to eth0.

Quoting Herbert Xu (emphasis is mine):
"Changing the value in default only affects interfaces which are 
*registered* afterwards.  Previously they affected interfaces which are 
*brought up* afterwards.

I'll talk to others to see if we could come up with a way to minimize this 
sort of pain."
[Message part 2 (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Kernel Team <debian-kernel@lists.debian.org>:
Bug#425462; Package linux-2.6. Full text and rfc822 format available.

Acknowledgement sent to Craig Small <csmall@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Kernel Team <debian-kernel@lists.debian.org>. Full text and rfc822 format available.

Message #20 received at 425462@bugs.debian.org (full text, mbox):

From: Craig Small <csmall@debian.org>
To: Frans Pop <elendil@planet.nl>
Cc: 425462@bugs.debian.org, procps@packages.debian.org
Subject: Re: Bug#425462: NAT prerouting over tun interface broken
Date: Mon, 28 May 2007 23:03:47 +1000
On Mon, May 28, 2007 at 01:05:41PM +0200, Frans Pop wrote:
> Quoting Herbert Xu (emphasis is mine):
> "Changing the value in default only affects interfaces which are 
> *registered* afterwards.  Previously they affected interfaces which are 
> *brought up* afterwards.
> 
> I'll talk to others to see if we could come up with a way to minimize this 
> sort of pain."
There was a bug for me to put the values in default and into the all
directory, which I think would solve this problem, at least for anyone
with the new file.

 - Craig

-- 
Craig Small      GnuPG:1C1B D893 1418 2AF4 45EE  95CB C76C E5AC 12CA DFA5
http://www.enc.com.au/                             csmall at : enc.com.au
http://www.debian.org/          Debian GNU/Linux, software should be Free 



Reply sent to maximilian attems <max@stro.at>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Frans Pop <elendil@planet.nl>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #25 received at 425462-done@bugs.debian.org (full text, mbox):

From: maximilian attems <max@stro.at>
To: 425462-done@bugs.debian.org
Subject: Re: NAT prerouting over tun interface broken
Date: Wed, 21 May 2008 20:51:38 +0200
Version: 2.6.24-1

fixed upstream thus marking as closed.

-- 
maks




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Thu, 19 Jun 2008 07:37:16 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Thu Apr 17 07:49:10 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.