Hello Pablo,

I have two more questions.

On Mon, Jan 31, 2011 at 6:35 PM, Pablo Neira Ayuso <pablo@xxxxxxxxxxxxx> wrote:
> On 31/01/11 03:47, JeHo Park wrote:
>> hello jan
>> i see, i took mistake. Ccs.. :-)
>> anyway, i wonder why there is no TCP payload in the skb of the string
>> or wurl match.
>
> Because you only see the first packet of the flow in the NAT table.
>

First, I thought or assumed that what you said above is for the reason that NAT mapping is first started from L3 IP connection mapping [origin and expect tuples..] and from the TCP helper [for TCP port information ..etc] but it is not based on TCP contents. So you said it is not possible to redirect such a connection. Is it right?

> You should use the string match in the filter or raw tables.
>

And second, I think some people might also want such a functionality like what I want to do: redirecting some connection to another server judging from its TCP contents information [in this case, the URI information of the HTTP transaction]. I want to know how you think about ..

previously thanks ~
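
The behaviour discussed in this message, as a simplified model added for illustration (it is not code from the thread or from netfilter): nat rules are consulted only for the packet that creates the connection-tracking entry, which for TCP is the payload-less SYN, while filter rules run on every packet. The `Packet` class, `traverse` function, addresses and HTTP request are all constructed assumptions.

```python
from dataclasses import dataclass

@dataclass
class Packet:
    src: tuple            # (ip, port)
    dst: tuple
    flags: str
    payload: bytes = b""

def conn_key(pkt):
    # Both directions of a connection map to the same tracking entry.
    return tuple(sorted([pkt.src, pkt.dst]))

def traverse(packets, needle):
    """Return which packet indexes each table saw and where `needle` matched."""
    tracked = set()
    seen = {"nat": [], "filter": []}
    hits = {"nat": [], "filter": []}
    for i, pkt in enumerate(packets):
        tables = ["filter"]                 # filter rules run on every packet
        if conn_key(pkt) not in tracked:    # nat rules run only on the packet
            tracked.add(conn_key(pkt))      # that creates the tracking entry
            tables.append("nat")
        for t in tables:
            seen[t].append(i)
            if needle in pkt.payload:
                hits[t].append(i)
    return seen, hits

# Constructed sample: one HTTP connection using documentation address ranges.
C, S = ("192.0.2.10", 40000), ("198.51.100.5", 80)
SAMPLE = [
    Packet(C, S, "SYN"),                    # creates the entry, no payload
    Packet(S, C, "SYN,ACK"),
    Packet(C, S, "ACK"),
    Packet(C, S, "PSH,ACK", b"GET /admin HTTP/1.1\r\nHost: example.test\r\n\r\n"),
]

if __name__ == "__main__":
    seen, hits = traverse(SAMPLE, b"GET /admin")
    print("packets seen:", seen)
    print("string match hits:", hits)
```

By the time the request line arrives in the fourth packet, the NAT mapping was already fixed on the SYN, so a content-based decision can only be taken in a table that sees every packet.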