Hello!

I traced the problem and made a solution!

The situation before:

1) packet from inet received
2) destination rewrite (INPUT_NAT)
3) packet is forwarded to internal net
4) response packet received from internal net
5) source rewrite (INPUT_NAT)
6) response packet is dropped by kernel (maybe in input fw chain - not passed to forward chain)

and after:

1) packet from inet received
2) destination rewrite (INPUT_NAT)
3) packet is forwarded to internal net
4) response packet received from internal net
5) source rewrite (OUTPUT_NAT called from ip_forward)
6) response packet is forwarded to the internet

The problem was that the INPUT_NAT rewriting changed the source address in the response packet, and this packet was then not acceptable to the kernel (to be forwarded..). As a solution I added a call to the NAT_OUTPUT rewriting to the ip_forward ipv4 code. Before this, the NAT_OUTPUT rewriting was done only for packets originating from localhost - now this rewriting is applied to all forwarded packets too.

I made a 'patched' :-) version of Michael's 2.2.4 patch - if you want, you can get it here: http://www.maya.cz/nat/

I have tested my solution and I think it works as expected..

Enjoy

Jan Panoch
jap@maya.cz
Messages
I added your patch to the 'official' version by Michael Hasenstein, 4/09/99