>>>> Turned out that it was the checksums. They were calculated correctly, >>>> but since I processed packets on input, tcp_hdr and udp_hdr of course >>>> returned invalid pointers. My code is now more or less RAWNAT, so if >>>> it is of interest to anybody else I will merge them and make it >>>> available. >>> >>> I have now rebased the RAWNAT branch to Xt-a's master and >>> made the rawpost tables workable with all kernel versions. >>> It does not have MAC addr punning yet. > > I am just rethinking this. There are cases where we do not want MAC punning. > (E.g. when a packet still needs to be routed through another gateway > instead of being delivered directly to the final ethernet segment.) > > Is --to-mac aa:bb:cc:dd:ee:ff sufficient, or did you want --to-mac IPaddr? The last one would be the easiest to use and would therefore be desirable. However, forcing the user to write the full MAC-address might limit scenarios where it is used wrongly. -Kristian -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
