← Back to team overview

kernel-packages team mailing list archive

  1. kernel-packages team
  2. Mailing list archive
  3. Message #06402

[Bug 654311] Re: POSTROUTING NAT doesn't operate on ISAKMP traffic

  Thread PreviousDate PreviousThread Next 
Derek Chen-Becker, could you please test the latest upstream kernel available following https://wiki.ubuntu.com/KernelMainlineBuilds ? It will allow additional upstream developers to examine the issue. Please do not test the daily folder, but the one all the way at the bottom. Once you've tested the upstream kernel, please comment on which kernel version specifically you tested. If this bug is fixed in the mainline kernel, please add the following tags:
kernel-fixed-upstream
kernel-fixed-upstream-VERSION-NUMBER

where VERSION-NUMBER is the version number of the kernel you tested. For example:
kernel-fixed-upstream-v3.11-rc5

This can be done by clicking on the yellow circle with a black pencil icon next to the word Tags located at the bottom of the bug description. As well, please remove the tag:
needs-upstream-testing

If the mainline kernel does not fix this bug, please add the following tags:
kernel-bug-exists-upstream
kernel-bug-exists-upstream-VERSION-NUMBER

As well, please remove the tag:
needs-upstream-testing

If you are unable to test the mainline kernel, please comment as to why specifically you were unable to test it and add the following tags:
kernel-unable-to-test-upstream
kernel-unable-to-test-upstream-VERSION-NUMBER

Once testing of the upstream kernel is complete, please mark this bug's
Status as Confirmed. Please let us know your results. Thank you for your
understanding.

** Tags removed: networking
** Tags added: latest-bios-f7

** Changed in: linux (Ubuntu)
       Status: Confirmed => Incomplete

-- 
You received this bug notification because you are a member of Kernel
Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/654311

Title:
  POSTROUTING NAT doesn't operate on ISAKMP traffic

Status in “linux” package in Ubuntu:
  Incomplete

Bug description:
  I have a Juniper firewall (SSG-5) that does ISAKMP with NAT behind my
  linux server. This works with the following iptables rule under
  linux-2.6.32.-24:

  iptables -t nat -A POSTROUTING -s <my private network> -o eth1 -j SNAT
  --to <my public static IP>

  Under linux-2.6.32-25, the NAT rule shows up in the listing of
  "iptables -t nat -nvL", but it fails to do a source translation. My
  private network, an RFC 1918 non-routable network, simply leaks out my
  public interface (confirmed by a tshark trace) and my ISP simply drops
  the packets.

  ProblemType: Bug
  DistroRelease: Ubuntu 10.04
  Package: linux-image-2.6.32-25-generic 2.6.32-25.44
  Regression: Yes
  Reproducible: Yes
  ProcVersionSignature: Ubuntu 2.6.32-24.43-generic 2.6.32.15+drm33.5
  Uname: Linux 2.6.32-24-generic x86_64
  NonfreeKernelModules: nvidia
  AlsaVersion: Advanced Linux Sound Architecture Driver Version 1.0.21.
  Architecture: amd64
  AudioDevicesInUse:
   USER        PID ACCESS COMMAND
   /dev/snd/controlC0:  derek      3777 F.... pulseaudio
   /dev/snd/pcmC0D0p:   derek      3777 F...m pulseaudio
  CRDA: Error: [Errno 2] No such file or directory
  Card0.Amixer.info:
   Card hw:0 'SB'/'HDA ATI SB at 0xfe024000 irq 16'
     Mixer name	: 'Realtek ALC889A'
     Components	: 'HDA:10ec0885,1458a002,00100101'
     Controls      : 43
     Simple ctrls  : 24
  Card1.Amixer.info:
   Card hw:1 'CX8801'/'Conexant CX8801 at 0xf8000000'
     Mixer name	: 'CX88'
     Components	: ''
     Controls      : 3
     Simple ctrls  : 2
  Date: Sun Oct  3 17:08:36 2010
  HibernationDevice: RESUME=UUID=23a81355-31a4-4075-9ec9-c69a56975b98
  MachineType: Gigabyte Technology Co., Ltd. GA-MA69G-S3H
  ProcCmdLine: BOOT_IMAGE=/vmlinuz-2.6.32-24-generic root=/dev/mapper/BigDisks-Root ro quiet splash rootfstype=ext4 nomodeset video=uvesafb:mode_option=1024x768-24,mtrr=3,scroll=ywrap
  ProcEnviron:
   PATH=(custom, user)
   LANG=en_US.utf8
   SHELL=/bin/bash
  RelatedPackageVersions: linux-firmware 1.34.1
  RfKill:
   
  SourcePackage: linux
  WpaSupplicantLog:
   
  dmi.bios.date: 12/29/2008
  dmi.bios.vendor: Award Software International, Inc.
  dmi.bios.version: F7
  dmi.board.name: GA-MA69G-S3H
  dmi.board.vendor: Gigabyte Technology Co., Ltd.
  dmi.chassis.type: 3
  dmi.chassis.vendor: Gigabyte Technology Co., Ltd.
  dmi.modalias: dmi:bvnAwardSoftwareInternational,Inc.:bvrF7:bd12/29/2008:svnGigabyteTechnologyCo.,Ltd.:pnGA-MA69G-S3H:pvr:rvnGigabyteTechnologyCo.,Ltd.:rnGA-MA69G-S3H:rvr:cvnGigabyteTechnologyCo.,Ltd.:ct3:cvr:
  dmi.product.name: GA-MA69G-S3H
  dmi.sys.vendor: Gigabyte Technology Co., Ltd.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/linux/+bug/654311/+subscriptions
  Thread PreviousDate PreviousThread Next