SNAT on local interfaces?

I have a custom proxy which is being used to direct traffic based on
application layer data. The proxy receives connections from foreign
addresses and then proxies them to applications running on the local
machine--the same machine the proxy is running on.

The problem is that all the connections to applications appear to come
from the proxy server's IP address instead of the originating foreign
address. We need the source address to be the foreign address and
tried to use SNAT to do it. But apparently SNAT doesn't work when the
source and destination addresses are all on local interfaces.

When I do a tcpdump I see all the traffic that should be caught by the
SNAT rule appears on the loopback interface. When I check the rule no
packets are caught by it.

Is there any way to get SNAT to work for local source and destination
addresses? Or is this some sort of limitation imposed by the kernel or
iptables?

 thanks,

 Dave