Re: SNAT round-robin broken?


 



On 2/13/06, KOVACS Krisztian <hidden@xxxxxxxxxx> wrote:
>
>   Hi,

> > Before 2.6.11 kernel, the SNAT box was mapping every new socket from
> > the Client to a new source IP address. With this, I was able to
> > simulate several thousands "virtual" clients. Now with the new
> > behaviour, every socket from the Client to the Server is mapped to the
> > same random but fixed source IP address.
> > ... Is there any way I can achieve the previous behaviour without modifying the kernel
> > source code :-( or downgrading to a pre-2.6.11 kernel?
>
>   I see. Well, I don't think this is possible without modifying the kernel
> source.
> ...
>  About the kernel: take a look at
> find_best_ips_proto() in ip_nat_core.c. At the end of the function
> there's a jhash_2words() call, this is responsible for choosing an IP
> inside the address range specified. You could easily modify it to produce
> a hash value based on the (src, src port, dst) tuple instead of just
> (src, dst).
>
> --
>  KOVACS Krisztian
>

Hi,

Thanks for your suggestion. I modified the kernel source with
jhash_3words(src, port, dst) and now my SNAT box is snat'in per
socket. Very cool!

Thanks again.
Khoa
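
The effect of the change discussed in this thread, as a user-space illustration added here (not the kernel's code and not from either poster): hashing (src, dst) pins every socket from one client to a single address in the SNAT range, while hashing (src, src port, dst) spreads sockets across the range. Assumptions: `mix32` is a stand-in for the kernel's jhash, the modulo mapping onto the range is this sketch's own choice, and all names and addresses are constructed.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in 32-bit mixer (murmur3 finalizer); NOT the kernel's jhash. */
static uint32_t mix32(uint32_t h) {
    h ^= h >> 16; h *= 0x85ebca6bu;
    h ^= h >> 13; h *= 0xc2b2ae35u;
    return h ^ (h >> 16);
}

/* Hash n 32-bit words by chaining the mixer. */
static uint32_t hash_words(const uint32_t *w, int n) {
    uint32_t h = 0x9e3779b9u;
    for (int i = 0; i < n; i++)
        h = mix32(h ^ w[i]);
    return h;
}

/* Map a hash onto the inclusive range [lo, hi] (host byte order). */
static uint32_t pick_ip(uint32_t lo, uint32_t hi, uint32_t h) {
    uint64_t span = (uint64_t)hi - lo + 1; /* 64-bit: no wrap on a full range */
    return lo + (uint32_t)(h % span);
}

/* use_port == 0: hash (src, dst); otherwise hash (src, src port, dst). */
uint32_t snat_pick(int use_port, uint32_t lo, uint32_t hi,
                   uint32_t src, uint16_t sport, uint32_t dst) {
    uint32_t w3[3] = { src, sport, dst }, w2[2] = { src, dst };
    return pick_ip(lo, hi, use_port ? hash_words(w3, 3) : hash_words(w2, 2));
}

/* Count distinct mapped addresses for n sockets from one client (source
 * ports 1024, 1025, ...) to one server, over a constructed /24 range. */
int distinct_mappings(int use_port, int n) {
    const uint32_t lo = 0x0A000100u, hi = 0x0A0001FFu;   /* 10.0.1.0-255 */
    const uint32_t src = 0xC0A80002u, dst = 0xC0A80164u; /* constructed */
    unsigned char seen[256] = { 0 };
    int count = 0;
    for (int i = 0; i < n; i++) {
        uint32_t ip = snat_pick(use_port, lo, hi, src, (uint16_t)(1024 + i), dst);
        if (!seen[ip - lo]) { seen[ip - lo] = 1; count++; }
    }
    return count;
}

int main(void) {
    printf("(src, dst):        %d distinct\n", distinct_mappings(0, 1000));
    printf("(src, sport, dst): %d distinct\n", distinct_mappings(1, 1000));
    return 0;
}
```

Either way the mapping is a deterministic function of the hashed fields, so the same socket always lands on the same address; it is not round-robin.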


