On Monday 2010-11-01 13:46, Stephen Clark wrote: >> >>Oh, iptables can also do it. Please see iptables target TEE and >>RAWNAT in xtables-addons. http://xtables-addons.sourceforge.net/ > >In testing this it looks like, to me anyhow, that the cloned packet >gets sent to the new gw with the original destination address, so >now the destination address has to get fixed up on the gw, this >seems pretty kludgy to me. Why can't the cloned packet simply have >its destination address replaced with the new destination address? Because that would incur a loss of information (namely, the destination address). >This seems to me like it would make a lot more sense, instead of >having to make changes to the packet on two different systems. You can do the changes on a single machine if you want to. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
