Jan Engelhardt wrote: > On Thursday 2010-06-17 09:44, Patrick McHardy wrote: > >> Jan Engelhardt wrote: >> >>> I am not sure I follow whatever this is supposed to do. >>> >>> Packet from eth0: src=10.0.0.15 dst=10.0.1.22 >>> INPUT#NETMAP will dst transform that to dst=10.0.0.22 >>> >> nat/INPUT performs source NAT, not destination NAT. >> >> >>> POSTROUTING#NETMAP will src transform that to src=10.0.0.15 >>> >>> Is is this step that makes no sense to me. >>> >> Does it make sense now? >> > > Somewhat, but there's still > > >>>> However this doesn't work for packets destined for the >>>> machine performing NAT itself >>>> > > Why would it not? What would cause misdelivery if PREROUTING > was used instead of INPUT? > PREROUTING performs DNAT. The purpose is to map the two identical networks to non-clashing networks. Just consider two connections from the same source address and port number to the same destination. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
