From: Patrick McHardy <kaber@trash.net>
To: Venkata Narayana <mesg2nari@yahoo.com>
Cc: netfilter-devel@lists.netfilter.org
Subject: Re: REDIRECT changes DST address of the packet
Date: Tue, 26 Jul 2005 02:20:36 +0200 [thread overview]
Message-ID: <42E581D4.10402@trash.net> (raw)
In-Reply-To: <42E57CE5.4070202@trash.net>
[-- Attachment #1: Type: text/plain, Size: 638 bytes --]
Patrick McHardy wrote:
> Venkata Narayana wrote:
>
>> I am able to get the original dst address when I am
>> using tcp connection.
>> How can I get with UDP???
>
> Does this patch help? It should make SO_ORIGINAL_DST usable
> with UDP as well.
>
> diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
> --- a/net/ipv4/netfilter/ip_conntrack_core.c
> +++ b/net/ipv4/netfilter/ip_conntrack_core.c
> @@ -1310,9 +1310,8 @@ getorigdst(struct sock *sk, int optval,
> tuple.dst.u.tcp.port = inet->dport;
> tuple.dst.protonum = IPPROTO_TCP;
Please try this patch instead, I missed the above line.
[-- Attachment #2: SO_ORIGINAL_DST-udp.diff --]
[-- Type: text/x-patch, Size: 1245 bytes --]
[NETFILTER]: Make SO_ORIGINAL_DST usable for UDP
Signed-off-by: Patrick McHardy <kaber@trash.net>
---
commit 59740eead041f1e9c22555a5107bf9ca98a780da
tree a4d80f970e9fa526bff6c173cfe6d5a0610279a4
parent eb82d02518ac3a400663163995097749d91c7c4c
author Patrick McHardy <kaber@trash.net> Tue, 26 Jul 2005 02:19:09 +0200
committer Patrick McHardy <kaber@trash.net> Tue, 26 Jul 2005 02:19:09 +0200
net/ipv4/netfilter/ip_conntrack_core.c | 7 +++----
1 files changed, 3 insertions(+), 4 deletions(-)
diff --git a/net/ipv4/netfilter/ip_conntrack_core.c b/net/ipv4/netfilter/ip_conntrack_core.c
--- a/net/ipv4/netfilter/ip_conntrack_core.c
+++ b/net/ipv4/netfilter/ip_conntrack_core.c
@@ -1308,11 +1308,10 @@ getorigdst(struct sock *sk, int optval,
tuple.src.u.tcp.port = inet->sport;
tuple.dst.ip = inet->daddr;
tuple.dst.u.tcp.port = inet->dport;
- tuple.dst.protonum = IPPROTO_TCP;
+ tuple.dst.protonum = sk->sk_protocol;
- /* We only do TCP at the moment: is there a better way? */
- if (strcmp(sk->sk_prot->name, "TCP")) {
- DEBUGP("SO_ORIGINAL_DST: Not a TCP socket\n");
+ if (sk->sk_protocol != IPPROTO_TCP && sk->sk_protocol != IPPROTO_UDP) {
+ DEBUGP("SO_ORIGINAL_DST: Not a TCP/UDP socket\n");
return -ENOPROTOOPT;
}
next prev parent reply other threads:[~2005-07-26 0:20 UTC|newest]
Thread overview: 21+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-06-30 7:27 REDIRECT changes DST address of the packet Venkata Narayana
2005-06-30 8:08 ` Krzysztof Oledzki
2005-06-30 10:11 ` Peter Surda
2005-07-02 4:15 ` Venkata Narayana
2005-06-30 11:09 ` Jan Engelhardt
2005-07-25 4:54 ` Venkata Narayana
2005-07-25 23:59 ` Patrick McHardy
2005-07-26 0:20 ` Patrick McHardy [this message]
2005-07-26 8:27 ` Venkata Narayana
2005-07-26 9:31 ` KOVACS Krisztian
2005-07-26 9:51 ` Patrick McHardy
2005-07-26 10:06 ` KOVACS Krisztian
2005-08-01 14:24 ` Venkata Narayana
2005-07-23 4:55 ` Rate limit Venkata Narayana
2005-07-23 7:17 ` Netfilter Hook Venkata Narayana
2005-07-23 11:14 ` Rate limit Jan Engelhardt
2005-07-25 5:55 ` UDP Transparent Proxy Venkata Narayana
-- strict thread matches above, loose matches on Subject: below --
2005-06-30 7:29 REDIRECT changes DST address of the packet Venkata Narayana
2005-06-30 7:46 ` George Alexandru Dragoi
2005-07-05 15:46 ` Jason Lunz
2005-06-30 7:07 Venkata Narayana
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42E581D4.10402@trash.net \
--to=kaber@trash.net \
--cc=mesg2nari@yahoo.com \
--cc=netfilter-devel@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.