Hi, I have a doubt regarding the NAPT mechanism part of netfilter in linux kernel for a ICMP packet. I am using Redhat 5.7 64 bit OS. In case of ICMP packets basically it is the echoid and source address are used as a tuple or a key. So based on the NAPT rules present in iptables the echo id module in icmp packet has to be modified. But its not happening so. Echoid in icmp packet remains same. My iptable nat rules are shown below. Ideal case icmp echo id has to modified to the range as shown below. I am sorry if I am wrong .. anyway to debug such a scenarios ? iptables -t nat -L -nv Chain PREROUTING (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination 0 0 DNAT all -- eth1 * 0.0.0.0/0 0.0.0.0/0 to:192.168.1.1 Chain POSTROUTING (policy ACCEPT 104 packets, 6628 bytes) pkts bytes target prot opt in out source destination 0 0 MASQUERADE icmp -- * eth1 192.168.1.0/24 0.0.0.0/0 masq ports: 63232-63359 Regards, Ajith -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
