All of lore.kernel.org
 help / color / mirror / Atom feed
From: Frederik Deweerdt <deweerdt@free.fr>
To: netfilter@lists.netfilter.org
Subject: T/TCP connections not NATed
Date: Mon, 4 Dec 2006 08:23:55 +0000	[thread overview]
Message-ID: <20061204082355.GF3136@slug> (raw)

Hi,

We're trying to use a home brewed T/TCP stack in addition to Linux plain
SNAT. Everything works as expected, except for the first packet, which
is not NATed. Communication is as follows:

	C		S
1.	SYN*
2.	DATA
3.			SYN/ACK*
4.	ACK*
5.	REST_OF_COM*

[*] The packet is NATed


Our hypothesis du jour, is that packet #2 is not NATed because it is
not currently part of a connection from netfilter point of view. Hence
my questions:
- Does our hypothesis seem you reasonable?
	- If yes, is it possible to tell NAT to ignore the connection
	tracking informations, and NAT all the packets getting out of
	a given interface
	- If not, what do you reckon could be the cause for having the
	#2 packet not NATed?

Thanks,
Frederik


             reply	other threads:[~2006-12-04  8:23 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2006-12-04  8:23 Frederik Deweerdt [this message]
2006-12-04 14:45 ` T/TCP connections not NATed Pascal Hambourg

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20061204082355.GF3136@slug \
    --to=deweerdt@free.fr \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.