>On Thursday, February 28, 2013 01:26:52 AM Donghua Liu wrote: >> Hi, >> >> Say if I set a netfilter rule by "iptables -t nat -A custom_chain -p >> tcp -dport 80 -j DNAT --to-destination 127.0.0.1:1234" for some >> requirement. >> >> I also have a LKM which will check the availablity of service >> "127.0.0.1:1234" and how can I cancel the rule's operation(Do NOT >> delete this rule), let the packet go as usual ignore the nat. > >Assuimg '-j RETURN' is valid, put the rule in chain 'custchainNAT' by itself >and add a jump to that chain from custom_chain. To disable the nat, insert >(via -I 1) a '-j RETURN' rule in 'custchainNAT' before the NAT rule. To re- >enable it, delete the RETURN rule. I couldn't get the reply so I have to write a new email(I do not know why, that's really strange) Thanks for your reply, Neal Murphy. But what I want to do is how to implement in the kernel module not command line. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
