* return flow NAT table on POSTROUTING
@ 2006-05-15 14:50 Amin Azez
2006-05-15 18:44 ` Patrick McHardy
0 siblings, 1 reply; 2+ messages in thread
From: Amin Azez @ 2006-05-15 14:50 UTC (permalink / raw)
To: netfilter-devel
I've observed on kernel 2.6.11.7 that return flows for SNAT'd
connections do not pass through the NAT chain in the POSTROUTING table.
They do however pass through the MANGLE chain in the POSTROUTING table.
Is this to be expected?
(Of course the original flow did pass through the NAT chain which is how
the SNAT occurred).
Sam
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: return flow NAT table on POSTROUTING
2006-05-15 14:50 return flow NAT table on POSTROUTING Amin Azez
@ 2006-05-15 18:44 ` Patrick McHardy
0 siblings, 0 replies; 2+ messages in thread
From: Patrick McHardy @ 2006-05-15 18:44 UTC (permalink / raw)
To: Amin Azez; +Cc: netfilter-devel
Amin Azez wrote:
> I've observed on kernel 2.6.11.7 that return flows for SNAT'd
> connections do not pass through the NAT chain in the POSTROUTING table.
>
> They do however pass through the MANGLE chain in the POSTROUTING table.
>
> Is this to be expected?
>
> (Of course the original flow did pass through the NAT chain which is how
> the SNAT occurred).
Return traffic never goes through the NAT table, its too late to change
the mappings once the connection has been established.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2006-05-15 18:44 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-05-15 14:50 return flow NAT table on POSTROUTING Amin Azez
2006-05-15 18:44 ` Patrick McHardy
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.