]> git.ipfire.org Git - people/ms/ipfire-2.x.git/commit
projects / people / ms / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: fe0cab3) | patch
firewall: Explicitely don't NAT any aliases
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 31 Mar 2025 14:35:26 +0000 (16:35 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 31 Mar 2025 14:35:26 +0000 (16:35 +0200)
commit1a8ccf99577c890a95e368ab8f6aa35af1b98210
tree121a89ca9f1b84ab9c527eef3319064755e32365tree
parentfe0cab302ee9a5dbef49b98ce765c8269ce5f0b3commit | diff
firewall: Explicitely don't NAT any aliases

It seems that there is a problem with local connections that have
preselected an outgoing interface. That will work just fine, but
ultimately the packet will be NATed back to the primary RED IP address.
To prevent this, we are adding some extra rules that skip the MASQUERADE
target.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/initscripts/system/firewall diff | blob | blame | history
src/initscripts/system/functions diff | blob | blame | history
Michael's tree of IPFire 2.x.