On Linux 2.4.14 with the following iptables rule,
iptables -t nat -A POSTROUTING -o eth1 -p tcp -d $TARGET -j SNAT --to $NEW
tcpdump version 3.6.2 with libpcap 0.6.2 (Debian GNU/Linux versions)
shows the address on the wire for source addresses of IP packets, but
the destination address is displayed with NAT applied, which is
quit confusing.
Sample output ($ORIG is the local address without NAT). There is an
aliased interface for $NEW and $ORIG on the host on which tcpdump is
running. Running tcpdump on the destination host shows that only $NEW
is used.
20:51:12.421778 $NEW.3068 > $TARGET.119: SWE 3333853624:3333853624(0) win 5840 <mss 1460,sackOK,timestamp 70130986 0,nop,wscale 0> (DF)
[tos 0x10]
20:51:12.465066 $NEW.119 > $ORIG.3068: S 3130380818:3130380818(0) ack 3333853625 win 5792 <mss 1460,sackOK,timestamp 519229759 701309
86,nop,wscale 0> (DF)
20:51:12.465316 $NEW.3068 > $TARGET.119: . ack 3130380819 win 5840 <nop,nop,timestamp 70130991 519229759> (DF) [tos 0x10]
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Jan 31 2002 - 21:01:06 EST