From owner-freebsd-stable Sun Feb 3 17:35:44 2002 Delivered-To: freebsd-stable@freebsd.org Received: from mail.gmx.net (mail.gmx.net [213.165.64.20]) by hub.freebsd.org (Postfix) with SMTP id 3634937B420 for ; Sun, 3 Feb 2002 17:35:40 -0800 (PST) Received: (qmail 1940 invoked by uid 0); 4 Feb 2002 01:35:38 -0000 Received: from pd950a59d.dip.t-dialin.net (HELO gmx.net) (217.80.165.157) by mail.gmx.net (mp001-rz3) with SMTP; 4 Feb 2002 01:35:38 -0000 Message-ID: <3C5DE578.4020409@gmx.net> Date: Mon, 04 Feb 2002 02:35:52 +0100 From: Michael Nottebrock User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:0.9.7) Gecko/20011221 X-Accept-Language: en-us MIME-Version: 1.0 To: stable@FreeBSD.ORG Subject: Re: dropping 127.* on the floor (was Re: 4.5 & ipnat breakage) References: <20020203152433.A5932-100000@voyager.straynet.com> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG Greg Prosser wrote: > FWIW, my problem was a change in the ip stack. > > We now drop 127.* packets on the floor if they come in across an interface > that is not lo0. Since ipnat redirect rules happen below the ip stack, > packets which are rewritten by ipnat to use a 127.* address get dropped on > the floor when they enter the stack. ipnat records the redirect as having > worked, but the packet just disappears silently. This totally breaks > my transparent proxy, as I forward the connections to 127.0.0.1 via ipnat. Ugh. This probably means that transparent squid proxying will also break and _that_ scares me (no touchy cvsup for my -STABLE box). You might want to contact the committer about this. -- Michael Nottebrock To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message