Re: Stateless NAT - Matin Tamizi

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Matin Tamizi <mtamizi@gmail.com>
To: NetFilter <netfilter@lists.netfilter.org>
Cc: Dharanikanth Dugginni <dharanikanthd@gmail.com>
Subject: Re: Stateless NAT
Date: Thu, 28 Jul 2005 16:54:51 -0400	[thread overview]
Message-ID: <f68a41605072813544f7fc705@mail.gmail.com> (raw)
In-Reply-To: <f68a416050609064333bebd9f@mail.gmail.com>

On 7/28/05, Dharanikanth Dugginni <dharanikanthd@gmail.com> wrote:
> Hello Matin,
> 
> I saw a post from you about Stateless NAT in linux and you concluded
> saying you found some solution, I am trying to do some thing similar
> to that, would you mind sharing the approach you have taken??
> 
> Thanks,
> -Dhar
> 

I had a *real* special situation since I'm doing this just for a
testbed.  I was able to get around stateless NAT by using ARP
poisoning to force a certain network topology.  This approach will
work but is not scalable and not recommended.

IMHO, you have the following options:
 1. Use a different firewall -- I'm sure you've heard suggestion before.
 2. Create a target module -- I couldn't figure out how to do this for
a static NAT, so please let me know if you do
 3. QUEUE the packets you want to NAT and use libipq to do the static NATing
 4. ARP poisoning (spoofing)

Let me know if you want me to post more information about 3 or 4.

-Matin

next prev parent reply	other threads:[~2005-07-28 20:54 UTC|newest]

Thread overview: 10+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-06-07 15:27 Stateless NAT Matin Tamizi
2005-06-08  1:40 ` Feizhou
2005-06-08  6:56   ` Guenter.Sprakties
2005-06-08  7:20     ` codewarrior
2005-06-09 13:43       ` Matin Tamizi
2005-07-28 20:54         ` Matin Tamizi [this message]
  -- strict thread matches above, loose matches on Subject: below --
2005-02-24 11:11 John A. Sullivan III
2005-02-24 16:43 ` Jozsef Kadlecsik
2005-02-24 16:56   ` Sven Schuster
2005-02-24 19:08     ` Jozsef Kadlecsik

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=f68a41605072813544f7fc705@mail.gmail.com \
    --to=mtamizi@gmail.com \
    --cc=dharanikanthd@gmail.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.