From mboxrd@z Thu Jan  1 00:00:00 1970
From: =?iso-8859-1?Q?Sz=E1lka?= =?iso-8859-1?Q?_Tam=E1s?= <rontombontom@freestart.hu>
Date: Fri, 12 Sep 2003 19:07:25 +0000
Subject: Re: [LARTC] beginner question about imq
Message-Id: <marc-lartc-106339374313575@msgid-missing>
List-Id: <lartc.vger.kernel.org>
References: <marc-lartc-106318926529070@msgid-missing>
In-Reply-To: <marc-lartc-106318926529070@msgid-missing>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
To: lartc@vger.kernel.org

At 18:58 2003. 09. 12.=AD +0200, you wrote:

> >
> > With the IMQ NAT patch the order is reversed? The filtering on
> > de-masqueraded addresses is only possible, if NAT is b e f o r e IMQ, i=
sn't
> > it? Tom
>The nat in prerouting is also reponsible for rewriting the addresses of=20
>natted
>packets.  So you want IMQ after nat so the packets entering the imq device
>have the real ip address.
>
>Stef

What do mean by "real ip address"? So when the packet arrives into the imq,=
=20
the address in the packet is the local (i.e. 10.0.0.x) address?
Thanks
Tom



_______________________________________________
LARTC mailing list / LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/mailman/listinfo/lartc HOWTO: http://lartc.org/