Hello, Patrick McHardy a écrit :
Ah, I see the problem. The route returns unreachable, which iptable_mangle translates to NF_DROP. The problem is that netfilter itself can't return ENETUNREACH and there is no valid output function attached to the dst_entry that would send an icmp unreachable. I think the only thing you could do is manually call icmp_send(ICMP_DEST_UNREACH) in ip_route_me_harder for this case.
What about the REJECT target ? - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
