On Friday 2008-04-25 13:06, Bradley Kite wrote: > >I'm using DNAT to transparently redirect TCP connections to a local >application which is listening on a port for new connections. > >From within my application, I'd like to be able to find out the >original destination IP address of the packet/connection, before it >got DNAT'ed. getsockopt(... SO_ORIGINAL_DST ...) in endpoint programs or alternatively, iptables -m conntrack --ctorigdst <xxx> can be used in iptables. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
