From mboxrd@z Thu Jan 1 00:00:00 1970 From: Rafa Garrido Subject: Re: NetBIOS dgm NAT Helper Date: Sat, 17 Sep 2005 02:53:09 +0200 Message-ID: <2b8e1997050916175339d88351@mail.gmail.com> References: <1126895937.6687.3.camel@localhost> Reply-To: rgarrido.l@gmail.com Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable Return-path: In-Reply-To: <1126895937.6687.3.camel@localhost> Content-Disposition: inline List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: netfilter-bounces@lists.netfilter.org Errors-To: netfilter-bounces@lists.netfilter.org Content-Type: text/plain; charset="us-ascii" To: netfilter@lists.netfilter.org It can that this patch of the last week help you: http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=3D2859 It will be necessary to hope to that stable kernel appears. Greetings. On 9/16/05, John A. Sullivan III wrote: > We have encountered an unusual situation where NetBIOS datagram packets > (138/udp) are being passed through an IPSec tunnel on an iptables > firewall but they are also being NATted by the same firewall. It > appears there is IP information embedded in the NetBIOS header. Thus > NAT causes this protocol to break because the reply packets are sent to > the original IP address in the NetBIOS header rather than the NAT IP > address in the IP header. >=20 > I believe Cisco does have a NAT helper for NetBIOS but I have not seen > anything for iptables. Is there such a helper? Is there anyway for an > iptables firewall to NAT NetBIOS datagram packets? Thanks - John > -- > John A. Sullivan III > Open Source Development Corporation > +1 207-985-7880 > jsullivan@opensourcedevel.com >=20 > If you would like to participate in the development of an open source > enterprise class network security management system, please visit > http://iscs.sourceforge.net >=20 >=20 >