]> git.ipfire.org Git - people/mfischer/ipfire-2.x.git/commit
projects / people / mfischer / ipfire-2.x.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 8fa1831) | patch
firewall: Explicitely don't NAT any aliases
authorMichael Tremer <michael.tremer@ipfire.org>
Mon, 31 Mar 2025 14:35:26 +0000 (16:35 +0200)
committerMichael Tremer <michael.tremer@ipfire.org>
Mon, 31 Mar 2025 15:22:41 +0000 (15:22 +0000)
commit1c1ff05cdc37fe9ccabda9413c270935c3a45478
treec79c242cbbdc3118a534c611e771cc0f11d7716ftree
parent8fa1831bff7e1d76eb83b145976211aa703062e1commit | diff
firewall: Explicitely don't NAT any aliases

It seems that there is a problem with local connections that have
preselected an outgoing interface. That will work just fine, but
ultimately the packet will be NATed back to the primary RED IP address.
To prevent this, we are adding some extra rules that skip the MASQUERADE
target.

Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>
src/initscripts/system/firewall diff | blob | blame | history
src/initscripts/system/functions diff | blob | blame | history
Matthias' tree of IPFire 2.x