* Translation of addresses inside ICMP errors
[not found] ` <CAHQn7pLfLuYS=XC1SYxYNPxL35aMD_pU8dd6mFt-FFRiqsrAAg@mail.gmail.com>
@ 2012-03-13 10:10 ` Dāvis
2012-03-13 20:58 ` Dāvis
0 siblings, 1 reply; 2+ messages in thread
From: Dāvis @ 2012-03-13 10:10 UTC (permalink / raw)
To: netfilter
When packets are NATed (in very typical case with SNAT when leaving
internal network) their IP addresses in IP header are adjusted. ICMP
error messages sent via router (running netfilter and doing translation)
however contain unmodified "IP Header + First 8 Bytes of Original
Datagram's Data" of packets sent in internal network (i.e. IP addresses
inside ICMP error messages aren't translated). Is this expected behavior
of netfilter? Is it possible to translate IP addresses inside ICMP
messages using netfilter?
^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Translation of addresses inside ICMP errors
2012-03-13 10:10 ` Translation of addresses inside ICMP errors Dāvis
@ 2012-03-13 20:58 ` Dāvis
0 siblings, 0 replies; 2+ messages in thread
From: Dāvis @ 2012-03-13 20:58 UTC (permalink / raw)
To: netfilter
I am sorry - looks like netfilter DO translate IP addresses inside ICMP
error messages.
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-03-13 20:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <CAHQn7pLfzDNrEsUawtqeE_yyeqKpUp4n-E=mTaghwdRoJWo5oQ@mail.gmail.com>
[not found] ` <CAHQn7pLfLuYS=XC1SYxYNPxL35aMD_pU8dd6mFt-FFRiqsrAAg@mail.gmail.com>
2012-03-13 10:10 ` Translation of addresses inside ICMP errors Dāvis
2012-03-13 20:58 ` Dāvis
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.