Re: Obtain original address from redirected connection

[Sorry for the late answer, I just subscribed to the list]

Hello,

Pedro Werneck wrote:

> I have a daemon, a sort of proxy, written in Python, which receives
> redirected connections with a rule like this:
>
> iptables -t nat -A PREROUTING -j DNAT -p TCP -s source --to-destination host:port
>
> The problem is that I need access to the original destination address,

You can parse /proc/net/ip_conntrack on the NAT box, which contains the list of the connections currently handled by conntrack/NAT. This is how Squid retrieves the original destination address when running in transparent mode.
Note: on "recent" kernels you need root privileges to read this file.
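
The lookup described above, as an added example that is not part of the original post: it parses text in the /proc/net/ip_conntrack format and matches the reply tuple against the socket the proxy accepted, then returns the destination from the original tuple. The function names and the sample addresses are constructed for illustration; it assumes the daemon runs on the NAT box and can read the file.

```python
import re

# Constructed sample in the /proc/net/ip_conntrack text format; the addresses
# are documentation ranges and do not come from the post.
SAMPLE = """\
tcp      6 431990 ESTABLISHED src=192.0.2.10 dst=198.51.100.7 sport=40312 dport=80 packets=5 bytes=420 src=10.0.0.5 dst=192.0.2.10 sport=3128 dport=40312 packets=4 bytes=380 [ASSURED] mark=0 use=1
udp      17 25 src=192.0.2.10 dst=198.51.100.53 sport=5353 dport=53 [UNREPLIED] src=198.51.100.53 dst=192.0.2.10 sport=53 dport=5353 use=1
tcp      6 112 TIME_WAIT src=192.0.2.11 dst=198.51.100.9 sport=51000 dport=443 src=10.0.0.5 dst=192.0.2.11 sport=3128 dport=51000 [ASSURED] use=1
"""

_FIELD = re.compile(r"\b(src|dst|sport|dport)=(\S+)")

def parse_entry(line):
    """Return (proto, original_tuple, reply_tuple), or None for other lines."""
    parts = line.split()
    fields = _FIELD.findall(line)
    # Port-based entries carry two full tuples; ICMP entries and blank or
    # truncated lines do not and are skipped.
    if not parts or len(fields) != 8:
        return None
    orig, reply = dict(fields[:4]), dict(fields[4:])
    if len(orig) != 4 or len(reply) != 4:
        return None
    return parts[0], orig, reply

def original_destination(table, peer, local, proto="tcp"):
    """peer and local are the (ip, port) pairs of the proxy's accepted socket."""
    for line in table.splitlines():
        entry = parse_entry(line)
        if entry is None or entry[0] != proto:
            continue
        _, orig, reply = entry
        # After DNAT the reply tuple is proxy -> client, i.e. the accepted
        # socket seen from the proxy side; the original tuple still holds the
        # address the client actually dialled.
        if ((reply["src"], reply["sport"]) == (local[0], str(local[1]))
                and (reply["dst"], reply["dport"]) == (peer[0], str(peer[1]))):
            return orig["dst"], int(orig["dport"])
    return None

if __name__ == "__main__":
    # On the NAT box, pass open("/proc/net/ip_conntrack").read() instead.
    print(original_destination(SAMPLE, ("192.0.2.10", 40312), ("10.0.0.5", 3128)))
```

In the daemon, `peer` and `local` would come from `getpeername()` and `getsockname()` on the accepted socket.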

