On Sun, 9 Mar 2008, Krzysztof Oledzki wrote:
On Sat, 8 Mar 2008, Pablo Neira Ayuso wrote:
Hi!
Hi,
The netfilter project proudly presents another development release of
the conntrack-tools. This release includes important improvements, new
features and bugfixes:
<CUT>
I attached two patches to fix two warnings about shadowed declarations.
BTW: It seems there is somethig wrong with --dst-nat/--src-nat filtering:
# conntrack -L --src-nat|wc -l;conntrack -L --src-nat=1.2.3.4|wc -l;conntrack
-L --src-nat=244.244.244.244|wc -l
5010
5010
5010
If I understand it properly "conntrack -L --src-nat=A.B.C.D" is supposed to
show only connections snated to A.B.C.D, but as you can see it ignores this
parameter and shows all snated connections.
From the other hand --dst-nat works in exactly opposite way: it filters out
all connections, even matching ones.
Small update: "--dst-nat A.B.C.D" instead of "--dst-nat=A.B.C.D" works
exactly like --src-nat (shows everything).
Best regards,
Krzysztof Olędzki
