| Rusty Russell | 967893b | 2000-10-06 08:11:40 +0000 | [diff] [blame] | 1 | Known bugs with the 2.4.0 kernel: |
| 2 | |
| 3 | 1) NAT in the OUTPUT chain does not work in general. The fix is |
| 4 | intrusive, and means we will have a CONFIG_NF_IP_NAT_LOCAL option |
| 5 | when it comes back. |
| 6 | |
| 7 | 2) tcpdump traffic is corrupted by OUTPUT NAT. |
| 8 | |
| 9 | 3) Connection tracking doesn't wait very long for reply FIN, meaning |
| 10 | that half-closed pipes can time out early (seen frequently with squid). |
| Harald Welte | 0e86541 | 2001-05-07 18:49:10 +0000 | [diff] [blame] | 11 | |
| 12 | 4) iptables-restore and -save still have problems. Sorry. |