On Fri, May 9, 2008 at 12:48 PM, Andrea Ranieri <andreran@xxxxxx> wrote:
> On 5/8/08, Grant Taylor wrote:
>
>> NAT rules are applied to the first packet in a connection and then the
>> same action is auto-magically applied to all other packets in the
>> connection without passing them through the NAT table.
>>
>> So what you are seeing is probably very likely based on existing versus
>> new connections.
>
> Thanks for your reply, but it seems I didn't explain my problem clearly.
> I have a connectionless flow of IPv4 packets. No TCP, UDP or any L4
> payload at all.
> So my question now is: does netfilter (with D/SNAT or NETMAP target)
> provide basic natting features without having a L4 payload, or is a
> connection-oriented flow required for natting?

After a couple of other tests, I have some relevant news.

My previous tests involved an IPv4 flow going always from 10.0.5.2 to 10.0.6.2, and the results remain those I wrote in my first mail.

Now I tried to change the source IP, and finally, the natting process begins. But obviously with a strange behavior...

In this test I always have the 10.0.5.2->10.0.6.2 flow running, and a 10.0.5.[2 to 5]->10.0.6.2 flow. Every IP except the .2 gets natted. The .2 remains unchanged.

Moreover, when I flush the nat table, the rule disappears but the .3, .4 and .5 IPs continue to get natted. I think that's a cache problem.

It's time to put feet in the mouth, isn't it? ^___^

Cheers
Andrea
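A simplified model of the behaviour Grant Taylor describes in the quoted reply, replayed against the test sequence in the message; this is an added example, not part of the original mail and not netfilter code. It assumes the 10.0.5.2 flow started before the NAT rule was added; the translated address 192.0.2.1, protocol number 253 and all class and function names are constructed for illustration.

```python
import ipaddress

class NatBox:
    """Toy model: conntrack keyed on (src, dst, proto), as for an L4-less flow."""

    def __init__(self):
        self.rules = []       # nat table: (source network, new source address)
        self.conntrack = {}   # flow key -> recorded NAT decision (None = no NAT)

    def add_snat(self, network, new_src):
        self.rules.append((ipaddress.ip_network(network), new_src))

    def flush_nat_rules(self):
        self.rules.clear()

    def flush_conntrack(self):
        self.conntrack.clear()

    def forward(self, src, dst, proto):
        """Return the source address the packet leaves with."""
        key = (src, dst, proto)
        if key not in self.conntrack:
            # Only the first packet of a flow is matched against the rules.
            decision = None
            for network, new_src in self.rules:
                if ipaddress.ip_address(src) in network:
                    decision = new_src
                    break
            self.conntrack[key] = decision
        # Every later packet reuses the recorded decision.
        return self.conntrack[key] or src


def replay():
    """Replay the sequence from the message; 192.0.2.1 and proto 253 are constructed."""
    box, dst, proto = NatBox(), "10.0.6.2", 253
    sources = ["10.0.5.2", "10.0.5.3", "10.0.5.4", "10.0.5.5"]
    send_all = lambda: {s: box.forward(s, dst, proto) for s in sources}
    out = {"pre_rule": box.forward("10.0.5.2", dst, proto)}  # assumed to predate the rule
    box.add_snat("10.0.5.0/24", "192.0.2.1")
    out["after_rule"] = send_all()
    box.flush_nat_rules()
    out["after_rule_flush"] = send_all()
    box.flush_conntrack()
    out["after_conntrack_flush"] = send_all()
    return out


if __name__ == "__main__":
    for stage, result in replay().items():
        print(stage, result)
```

The model omits entry timeouts, which on a real system remove a mapping once its flow goes idle. With conntrack-tools installed, `conntrack -L` lists the live entries and `conntrack -F` empties the table.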