On Friday 2011-01-07 00:02, Marek Kierdelewicz wrote: >Hi, > >The DNETMAP target allows dynamic two-way 1:1 mapping of IPv4 subnets. >Single rule can map private subnet to shorter public subnet creating >and maintaining unambigeous private-public ip bindings. Second rule can >be used to map new flows to private subnet according to maintained >bindings. Target allows efficient public IPv4 space usage and >unambigeous NAT at the same time. > >DNETMAP is available as patched xtables-addons-1.31 package and as a >patch for xtables-addons-1.31 package. > >http://cat.piasta.pl/dnetmap/ Have you considered updating the NETMAP target inside the linux kernel instead? Your idea looks interesting in that I could envision it superseding DNAT, SNAT and NETMAP altogether. >Polite request to Jan Engelhardt for inclusion of the target into >xtables-addons. It would be nice if you could * resolve the inconsistencies in indentation. Specifically, use tabs to indent statements. If in doubt, use scripts/Lindent and scripts/checkpatch.pl from linux. * wrap lines at 80 cols in xt_DNETMAP.man Things I have noticed while spending a quick look: The manpage mentions "If host 192.168.0.10 generates some traffic, it gets bound to first free IP in subnet - 20.0.0.0.". However, 20.0.0.0 can be a network address and thus lead to problems. Is there a way for the user to specify that the range to use should be 20.0.0.1-20.255.255.254 rather than 20.0.0.0-20.255.255.255? -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html