Re: packets dropped when using MASQ and QUEUE

All of lore.kernel.org
 help / color / mirror / Atom feed

From: "Mattias Rönnblom" <hofors@lysator.liu.se>
To: Jannes Faber <jafaber@zonnet.nl>
Cc: netfilter@lists.samba.org
Subject: Re: packets dropped when using MASQ and QUEUE
Date: 08 Sep 2002 19:21:56 +0200	[thread overview]
Message-ID: <m3r8g4e6rv.fsf@isengard.firemission.org> (raw)
In-Reply-To: <003101c255c3$bf468a10$3303a8c0@p951>

"Jannes Faber" <jafaber@zonnet.nl> writes:

> I experimented again with the scripts I wrote to do this, but it really
> doesn't work. If you NF_ACCEPT a packet without altering it, there is no
> problem and the masquerading works ok. But as soon as you try to NF_ACCEPT
> an altered packet it gets lost.
>
> On the other hand when you send a packet to the box itself (so there is no
> NAT), it works perfectly: including the altered packets.
> 
> I tried to refind the articles I read about it a few months back, but I
> couldn't find them again.
> 
> I think what you need is a new target that can alter the packets in
> kernel-space for you. Like the TOS target can alter the TOS bits, you need
> something like a REPLACE target or maybe even a REGEXP target. There already
> exists a string match extension (in patch-o-matic I think) that lets you
> search through the packet contents, but as far as I know not something to
> alter the packets.
> 

I'm in no need of any new targets. I don't want to alter any packets,
but rather only delay and occansionally drop packets. QUEUE would
work fine, if I only could get it to really work.

Kind regards,
        Mattias

     prev parent reply	other threads:[~2002-09-08 17:21 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
     [not found] <m3znv08kup.fsf@isengard.firemission.org>
     [not found] ` <008801c25446$89c61820$3303a8c0@p951>
2002-09-05 11:07   ` packets dropped when using MASQ and QUEUE Mattias Rönnblom
2002-09-06 16:37     ` Jannes Faber
2002-09-08 17:21       ` Mattias Rönnblom [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=m3r8g4e6rv.fsf@isengard.firemission.org \
    --to=hofors@lysator.liu.se \
    --cc=jafaber@zonnet.nl \
    --cc=netfilter@lists.samba.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.