Nat before routing decision

All of lore.kernel.org
 help / color / mirror / Atom feed

* Nat before routing decision
@ 2004-11-15 11:44 thomas.elsaesser
  2004-11-15 14:51 ` Jason Opperisano
  0 siblings, 1 reply; 3+ messages in thread
From: thomas.elsaesser @ 2004-11-15 11:44 UTC (permalink / raw)
  To: netfilter

Dear all,

I need src nat before the packet go to the routing decision.
How can i do it.

Kind Regards

Thomas


^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Nat before routing decision
  2004-11-15 11:44 Nat before routing decision thomas.elsaesser
@ 2004-11-15 14:51 ` Jason Opperisano
  2004-11-15 15:17   ` John A. Sullivan III
  0 siblings, 1 reply; 3+ messages in thread
From: Jason Opperisano @ 2004-11-15 14:51 UTC (permalink / raw)
  To: netfilter

On Mon, 2004-11-15 at 06:44, thomas.elsaesser@lhsystems.com wrote:
> Dear all,
> 
> I need src nat before the packet go to the routing decision.
> How can i do it.
> 
> Kind Regards
> 
> Thomas

well, SNAT is only valid in POSTROUTING of the NAT table.  if you need
to apply alternate routing to a packet and translate it's source, you
can follow the theory of:

1) mark packet in PREROUTING of MANGLE
2) route based on MARK
3) SNAT packet in POSTROUTING of NAT

-j

--
"Another day, another box of stolen pens."
	--The Simpsons



^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: Nat before routing decision
  2004-11-15 14:51 ` Jason Opperisano
@ 2004-11-15 15:17   ` John A. Sullivan III
  0 siblings, 0 replies; 3+ messages in thread
From: John A. Sullivan III @ 2004-11-15 15:17 UTC (permalink / raw)
  To: Jason Opperisano; +Cc: Netfilter users list

On Mon, 2004-11-15 at 09:51, Jason Opperisano wrote:
> On Mon, 2004-11-15 at 06:44, thomas.elsaesser@lhsystems.com wrote:
> > Dear all,
> > 
> > I need src nat before the packet go to the routing decision.
> > How can i do it.
> > 
> > Kind Regards
> > 
> > Thomas
> 
> well, SNAT is only valid in POSTROUTING of the NAT table.  if you need
> to apply alternate routing to a packet and translate it's source, you
> can follow the theory of:
> 
> 1) mark packet in PREROUTING of MANGLE
> 2) route based on MARK
> 3) SNAT packet in POSTROUTING of NAT
<snip>
It has been a long time since I worked with it so I don't remember the
details but is the stateless NAT in iproute2 done before routing
decisions? - John
-- 
John A. Sullivan III
Chief Technology Officer
Nexus Management
+1 207-985-7880
john.sullivan@nexusmgmt.com
---
If you are interested in helping to develop a GPL enterprise class
VPN/Firewall/Security device management console, please visit
http://iscs.sourceforge.net 



^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2004-11-15 15:17 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2004-11-15 11:44 Nat before routing decision thomas.elsaesser
2004-11-15 14:51 ` Jason Opperisano
2004-11-15 15:17   ` John A. Sullivan III

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.