From f9c956e677088f88b5b3bb7169362f3dba4ef4c0 Mon Sep 17 00:00:00 2001 From: Marek Marczykowski Date: Fri, 13 Jan 2012 20:42:31 +0100 Subject: [PATCH] vm/iptables: do not MASQUERADE packets on lo (#416) Masquerading packets on lo actually drops them when there is no default route. This causes problems with commutication between ntpd processes (ntp main daemon and resolver). And perhaps many more... --- network/iptables | 1 + 1 file changed, 1 insertion(+) diff --git a/network/iptables b/network/iptables index b80c19a2..6e6e6d89 100644 --- a/network/iptables +++ b/network/iptables @@ -6,6 +6,7 @@ :PR-QBS - [0:0] -A PREROUTING -j PR-QBS -A POSTROUTING -o vif+ -j ACCEPT +-A POSTROUTING -o lo -j ACCEPT -A POSTROUTING -j MASQUERADE COMMIT # Completed on Mon Sep 6 08:57:46 2010