On Wednesday 2011-03-30 21:55, Bruno Deschamps wrote: >The modules are active ip_conntrack_sip and ip_nat_sip There have been numerous fixes to the SIP modules. It is advised to update the kernel, especially since you seem to be running a terribly outdated one. >By default the output for the SIP is made by link1. When falls the >first link I do aSNAT for leaving for my destination link2. That would break the datagram stream, because the globally visible tuple will no longer be the same. >What happens is that when it happens I monitor the network interface >eth2 with tcpdump and it still leaving the source as the link1 link2 >and not as it should be. Evenas I mark the target 0x2 table mangle and >a SNAT in nat table NAT is applied to a NF connection, and all its packets. Since the pseudo connection does not end / a new NFCT does not start, there will be no automatic update of the tuples. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
