[pve-devel] pvefw: masquerade problems and conntrack zones
Dietmar Maurer
dietmar at proxmox.com
Wed Mar 12 06:12:33 CET 2014
> adding iptables -t raw -A PREROUTING -d '10.2.0.100/32' -i vmbr14 -j CT --zone
> 1
> -------------------------------------------------------------------------------
> now it's working
> So, it seem that postrouting occur once by zone, or something like that
yes, looks like that.
> So,I think using zones is the goodway. But not available in 2.6.32.
> (maybe it can be easily backported ?)
I thing 3.10 will be stable in a few months, so there is no need to do a backport.
More information about the pve-devel
mailing list