On Fri, 22 Aug 2008, Grant Taylor <gtaylor@xxxxxxxxxxxxxxxxx> writes: > It won't help with the packet duplication, but I think it is related. I think > you will need to SNAT the traffic as it leaves 1.10 so that 1.2 / 1.20 will > reply back to 1.10 rather than directly back to the client. I think that 1.2 / > 1.20 is replying directly back to the client and the client is going WTF??? Why > is 1.2 / 1.20 replying to me? I have not started a connection with > them. In the actual setup, original packets are received from a mobile device through a VPN gateway. Therefore, endpoint server replies back to this client, instead of the gateway packages received from. > As far as packet duplication, I'd start with ulogd or something like > that. I'm betting you are going to have to pass the packets to user > space for the duplication. I'll check out ulogd. Thanks. Regards. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
