"?????????" ????: Cedric Blancher ??: ????????? ????????????? ????? ?????? ????????? ????: Re: ICMP nat CC: netfilter@xxxxxxxxxxxxxxxxxxx >> My question is: if I, for example, generate icmp packet with icmp-type >> 11 by packet generator, this packet is not in ESTABLISHED state, and >> not in conntrack list, and probably should go via NAT table? in >> practical test, however, that kind of packet not go via NAT! >If you craft an ICMP error, then it will be given INVALID state as no >previous entry exists in conntrack table to which it can be associated. which means that such ICMP packet will go via NAT POSTROUTING chain, correct? -- http://sid.rstack.org/ PGP KeyID: 157E98EE FingerPrint: FA62226DA9E72FA8AECAA240008B480E157E98EE >> Hi! I'm your friendly neighbourhood signature virus. >> Copy me to your signature file and help me spread! ????/?????: 02.02.2006 17:54:21 ???????: + 7 (495) 258-33-44 E-mail: vr@xxxxxxxxx ??? ????: http://www.avtoradio.ru
