On Oct 26 2007 16:10, Amin Azez wrote: >> >> That's because Patrick said it cannot be NULL :-) >> http://marc.info/?l=netfilter-devel&m=118105659716253&w=2 >> >> Of course, an oops in an interrupt handler ain't that funny.. > >Indeed. > >But he was right in the planned useful case, are you using it in >pre-routing on bridging or something? I can't work out why you would >want to use it in PRE_ROUTING, i.e. before a gateway is set, unless you >are setting a gateway in pre-routing too. You're not storing a route in >the conntrack are you? No. The experiment behind this was to: -t nat -A PREROUTING -i eth1 -d <address of eth0> -p tcp \ --dport 80 -j REDIRECT --to-port 8000 i.e. that all packets destined for <public ip>:80 go to an alternate port. But if eth0 has a dynamic address, that is going to be hard. So the idea I had was to match with -t nat -A PREROUTING \ -m gateway --nexthop 127.0.0.1 -p tcp --dport 80 because the routing code would decide so when it sees that the IPv4 destination <public ip> is actually a 'local' target (ip r l table local). - To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
