Re: Entirely ignoring TCP and UDP checksum in kernel level

[Brad Campbell]

Josan Kadett wrote:
> Bad news... NAT does not work, but it should have worked. Where might be the
> mistake ? I put another machine connected next to the patched linux server,
> I sniff the traffic and see that:
> (I enabled SNAT);
>
> Packet arrives from 192.168.0.30 (new machine to test nat)
> The packet is correctly translated and sent over the line
> With the patch, the new packet seems to arrive from correct source 77.1
>
> *But this is where the problem begins, the system does not send the received
> packet to the address which is SNATted. I thought, the ip_input.c code would
> work in the lowest level so IPTABLES would naively use the changed source
> address...
>
> I do not know if ever this problem will end... 
>
>
> > Client A 192.168.0.20 -- connects to patched linux server
> > Linux 192.168.1.1 -- translates the source address 192.168.x.x to
>
> 1.1(SNAT)

You have 192.168.0.x NAT to 192.168.1.1?
I thought you wanted to NAT to 192.168.77.1?

My understanding was you sent a packet to 192.168.77.1 and the device sent it back from 192.168.1.1

Can you send me your iptables configuration?
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/