On Sunday 14 December 2003 4:55 pm, Jeffrey Laramie wrote:

> On Sunday 14 December 2003 11:04, horape@xxxxxxxxxxxxxxxxxxxxxxxxxx wrote:
> >
> > The proxy has a udp socket bound to port 5000, and another udp socket
> > bound to some other port, it reads from the first socket and does a
> > sendto using the other socket (poll + read + write, no more)
>
> It looks like the proxy is grabbing the packets first and then dropping
> them directly onto the INPUT chain. Try disabling the proxy and release the
> bound ports then try it again. Once the packets reach PREROUTING you can
> DNAT them to another port.

I could understand the proxy code managing to grab the packet off the wire before netfilter (PREROUTING) sees it, but I don't see how it would then get seen by the INPUT chain - as far as I know, it's not possible for a packet to reach netfilter's INPUT chain without first going through the PREROUTING chain. If a packet bypasses one of these, it will bypass both.

However, the idea of disabling the proxy, and then seeing if the LOG rules show anything different, is a good one.

How is the proxy connected to the socket? Anything unusual?

Antony

--
Having been asked for a reference for this man, I can confirm that you will be very lucky indeed if you can get him to work for you.

Please reply to the list; please don't CC me.