I'm not sure I'm asking the right question here, but I have to start
somewhere.
When I do a DNAT on an outside interface, it takes place prerouting. So it
overrwrites the destination address with the new address and sends the packet
on to the routing function (and then to the forward chain of iptables). It
also creates a state, so that return packets to the original address:port get
their source rewritten.
This overwriting of the source address on the return packets: does it happen
pre-routing or post-routing?
Trying to do some source routing via iproute2 on this scenario, and not having
much luck.
--
Jeff Simmons jsimmons@xxxxxxxxxxxxxxx
Simmons Consulting - Network Engineering, Administration, Security
"You guys, I don't hear any noise. Are you sure you're doing it right?"
-- My Life With The Thrill Kill Kult
