On Thu, Apr 08, 2004 at 11:15:25AM +0530, shantanu sharma wrote:
> we are supposed to capture a dns packet at the firewall and mangle it
> appropriately
This is a very tricky process. I've done some work on DNS mangling myself,
but it is not complete. I stopped working on it when Verisign stopped their
SiteFinder. Would you be interested in comparing implementations and/or
merging efforts?
> please tell us how do we correct the checksum filed of UDP and IP after
> the reverse S NAT takes place or do we need to queue the packets using
> some other chain of someother table
I think this should be the least of your problems. :-) I would start by
looking near the end of ip_nat_mangle_udp_packet().
--
Nothing will dispel enthusiasm like a small admission fee.
-- Kim Hubbard
Attachment:
pgp00854.pgp
Description: PGP signature
