Re: Blocking web-based proxy traffic

On 11/29/07 04:55, Benny Amorsen wrote:
> The GET request only gets transmitted once the three-way TCP handshake is done. By then it's way too late to DNAT anything -- the mini web server wouldn't get a SYN, so it would throw away the packet.

Very good point.  I did not think of that.

Would it be possible to possibly replace the returning traffic from a custom daemon that could essentially be a man in the middle. In effect alter the returning stream back to the requesting client and close out the connection to the answering server? A "Cut-In" if you will? I would think that you could pass the traffic via a NetLink interface to a custom program that could do what is needed.

Is something like this possible or am I smoking too much again?



Grant. . . .