Hi, We're trying to use a home brewed T/TCP stack in addition to Linux plain SNAT. Everything works as expected, except for the first packet, which is not NATed. Communication is as follows: C S 1. SYN* 2. DATA 3. SYN/ACK* 4. ACK* 5. REST_OF_COM* [*] The packet is NATed Our hypothesis du jour, is that packet #2 is not NATed because it is not currently part of a connection from netfilter point of view. Hence my questions: - Does our hypothesis seem you reasonable? - If yes, is it possible to tell NAT to ignore the connection tracking informations, and NAT all the packets getting out of a given interface - If not, what do you reckon could be the cause for having the #2 packet not NATed? Thanks, Frederik
