Hi,
I have wrote a program to handle some IP packets using libipq (linux 2.6.10 / iptables 1.3.3).
So I setup the NAT table with :
iptables -t nat -I PREROUTING -p sctp -j QUEUE
iptables -t nat -I POSTROUTING -p sctp -j QUEUE
The incoming packet go OK through my user space program and have the DST address changed to get forwarded to the server location. Now the server replies back, the rsp packet arrives within the POSTROUTING rule and gets sent by the kernel to my userspace program.
Userspace program applies the required changes - meaning it changes the SRC address and sends it back to the kernel. The ip_set_verdict response > 0 => which means success.
So far so good.
The problem is that the mangled packet does not come out ..... (tcpdump does not capture it neither on the local machine neither on the receiver machine) !
So to me is like the kernel is "dropping" the packet ......
Any idea how can I debug this ?!?
I have no option to upgrade to a latest linux kernel - unfortunately.
BR,
Dan S.
__________________________________________________________________
The new Internet Explorer® 8 - Faster, safer, easier. Optimized for Yahoo! Get it Now for Free! at http://downloads.yahoo.com/ca/internetexplorer/
--
To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
