vm/iptables: do not MASQUERADE packets on lo (#416)

Masquerading packets on lo actually drops them when there is no default route.
This causes problems with commutication between ntpd processes (ntp main
daemon and resolver). And perhaps many more...
This commit is contained in:
Marek Marczykowski 2012-01-13 20:42:31 +01:00
parent 17492f0fbf
commit f9c956e677

View File

@ -6,6 +6,7 @@
:PR-QBS - [0:0] :PR-QBS - [0:0]
-A PREROUTING -j PR-QBS -A PREROUTING -j PR-QBS
-A POSTROUTING -o vif+ -j ACCEPT -A POSTROUTING -o vif+ -j ACCEPT
-A POSTROUTING -o lo -j ACCEPT
-A POSTROUTING -j MASQUERADE -A POSTROUTING -j MASQUERADE
COMMIT COMMIT
# Completed on Mon Sep 6 08:57:46 2010 # Completed on Mon Sep 6 08:57:46 2010