Hello all,
I'm currently using Fedora Core 6 with the default kernel coming with the install (2.6.18-1.2798.fc6).
I have three network interfaces (physically, eth0 is connected to the ADSL modem, eth1 to the WLAN station and eth2 to my desktop machine). All interfaces are bridged into one br0 interface, which has an internal network address. The connection to the outside world is done with rp-pppoe, so ppp0 has a public static IP address.
Here is my cleaned-up version of the script which configures the bridge interface, NAT and firewall:
http://www.hiekkalaatikko.org/fw-nat-scripts.txt
So with this setup, everything works like a charm.
But now if I boot the new kernel version which came with "yum update" (namely 2.6.22.9-61.fc6), the connection from the internal network to the outside world stops working.
Looking at the modules loaded by the different kernel versions, I see that some of the names of the NAT-related modules have changed:
2.6.18:
ip_tables
iptable_nat
ip_nat
ip_conntrack
xt_conntrack
x_tables
2.6.22:
ip_tables
iptable_nat
nf_nat
nf_conntrack_ipv4
nf_conntrack
x_tables
I've traced with tcpdump that if I, for example, ping a host outside my network from my desktop computer, the packet is correctly received by br0, passed through ppp0 (with the correct network address) and received by the foreign host, which also sends a reply to the ping, but the reply is never received according to tcpdump. Traffic directly from the Linux box to the outside world is working fine; it's only the routed traffic that has the problem.
I've been trying to figure out what is causing this but... any ideas?