Hi again, > I'm using iptables v1.2.5. I've noticed that there is > a DNAT / ICMP correction in 1.2.7a. I'm going to download > and test this new version, but I suspect that the behaviour > will be the same. I tried with the latest version, but there is no difference. I still can't see any way of configuring iptables to do what I need. Even if the original source address was known, how could I specifically tell iptables to mangle the address inside the ICMP packet? Maybe its a bug? Thanks for any advice, Ciaran -- +---------------------------------------------------------+ Ciaran Deignan 04 38 49 87 27 Netcelo SA - IPsec VPN Solutions http://www.netcelo.com/ 18-20 rue Henri Barbusse - BP 2501, 38035 Grenoble Cedex 2 +---------------------------------------------------------+
