I find this diagram which details the kernel packet traveling :
http://www.docum.org/docum.org/kptd/
Is it up to date ?
I made some test and I put a DNAT rules in the PREROUTING table of an interface and I attach it a ingress policy, the dst IP wasn't changed. the DNAT it isn't yet make.
I've another question (I'm not sure is it the good mailing list), for the fragment packet, I see the ingress policy doesn't work correctly and I'd like to know where in the kernel travel of the packet the fragment are re-assemble ? At the NAT or in the routing ?
Thanks,
Edouard.
_______________________________________________ LARTC mailing list LARTC@xxxxxxxxxxxxxxx http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
