On Monday 2008-09-15 12:02, Manu wrote:
>
> With an additional rule [at PREROUTING 3]:
> # iptables -nvL -t raw
> Chain PREROUTING (policy ACCEPT 18821 packets, 7969K bytes)
> pkts bytes target prot opt in out source destination
> 11194 677K TRACE all -- * * 0.0.0.0/0 0.0.0.0/0
> 353 28929 RAWSNAT all -- eth2 * 192.168.150.111 0.0.0.0/0 to-source 10.0.17.2/32
> 3 204 RAWDNAT all -- eth2 * 10.0.17.2 0.0.0.0/0 to-destination 10.0.17.1/32
>
> Chain OUTPUT (policy ACCEPT 21579 packets, 6930K bytes)
> pkts bytes target prot opt in out source destination
> 0 0 RAWDNAT udp -- * eth2 0.0.0.0/0 10.0.17.2 udp dpt:53 to-destination 192.168.150.111/32
> 16610 6550K TRACE all -- * * 0.0.0.0/0 0.0.0.0/0
>
> I'm getting this result. If I'm doing the RAWDNAT operation in
> PREROUTING the pakets losts the destination-port? Or how do I
> have to read that!
>
> <4>TRACE: raw:PREROUTING:rule:2 SRC=192.168.150.111 DST=192.168.150.1
> LEN=59 ID=5833 PROTO=UDP SPT=61014 DPT=53 LEN=39
> <4>TRACE: raw:PREROUTING:rule:3 SRC=10.0.17.2 DST=192.168.150.1
> LEN=59 ID=5833 PROTO=UDP SPT=61014 DPT=53 LEN=39
> <4>TRACE: raw:PREROUTING:policy:4 SRC=10.0.17.2 DST=10.0.17.1
> LEN=59 ID=5833 CE FRAG:7000 PROTO=UDP
>
> I'm feeling there is not much more to solve. A little bit help would be so
> greatly appreciated!
>
True true, something is not quite right yet.
I updated the branch with the latest commit ("updating checksumming
code"), can you try that please? Thanks for keeping me on my toes ;-)
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
