On Friday 2008-06-20 12:22, Patrick McHardy wrote: > Tobias Krummen wrote: >> So, is there a way to change the source ip-address of incoming packets with >> the given possibilities of netfilter, or are there other tools to get this >> done? > > You need to add an INPUT chain to the NAT table to do this > and adjust the HOOK2MANIP macro to deal with this. Alternatively, RAWNAT is supposed do this with the existing 'raw' table, before conntracking is involved; and on the output path, uses a 'rawpost' table that comes after conntracking. It is fully modular and it is not required to touch any in-kernel code. I have not lately tested this target though, so some adjustments might be needed. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
