On Saturday 2008-04-05 02:12, Leonardo Rodrigues Magalhães wrote:
graph shows clearly the problem, but doesnt gives the solution.
Well, UNIX philosophy - one thing should do one thing :) Solutions are either - SNAT, in which case you won't have the original address, or - making sure 1.3.3.9 sends the packets back to 1.3.3.8 first before they get back to 1.3.3.7, either by - adding explicit routing entries or - modifying the network/subnet layout in a fitting way - directly connecting to 1.3.3.9 in the first place -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
