From: Marek Kierdelewicz <marek@piasta.pl>
To: Jan Engelhardt <jengelh@medozas.de>
Cc: netfilter@vger.kernel.org,
Netfilter Developer Mailing List
<netfilter-devel@vger.kernel.org>
Subject: Re: new netfilter target - DNETMAP
Date: Fri, 7 Jan 2011 22:23:49 +0100 [thread overview]
Message-ID: <20110107222349.6503ed26@kuguar> (raw)
In-Reply-To: <alpine.LNX.2.01.1101070008590.19521@obet.zrqbmnf.qr>
>Hi,
Hi,
>Have you considered updating the NETMAP target inside the linux
>kernel instead?
Nope, I haven't thought about it. It's doable. Classic NETMAP
functionality could be available through some rule option.
>Your idea looks interesting in that I could envision it superseding
>DNAT, SNAT and NETMAP altogether.
Thanks :-).
>>Polite request to Jan Engelhardt for inclusion of the target into
>>xtables-addons.
>It would be nice if you could
> * resolve the inconsistencies in indentation. Specifically, use tabs
>...
> * wrap lines at 80 cols in xt_DNETMAP.man
Will do.
>The manpage mentions "If host 192.168.0.10 generates some traffic, it
>gets bound to first free IP in subnet - 20.0.0.0.". However,
>20.0.0.0 can be a network address and thus lead to problems.
Usage of network and broadcast addresses for NAT shouldn't pose
any kind of problems. I tested such setups in my networks. If you use
classic NETMAP to map wider address space to shorter one, you can also
have flows NATed to network and broadcast address of subnet specified
as a parameter of the NETMAP rule.
>Is there a way for the user to specify that the range to use
>should be 20.0.0.1-20.255.255.254 rather than 20.0.0.0-20.255.255.255?
Not yet, but module option could do a trick as long as it's really
necessary.
Best regards,
Marek Kierdelewicz
next prev parent reply other threads:[~2011-01-07 21:23 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20110107000259.775ba310@kuguar>
2011-01-06 23:25 ` new netfilter target - DNETMAP Jan Engelhardt
2011-01-07 21:23 ` Marek Kierdelewicz [this message]
2011-01-09 9:26 ` Marek Kierdelewicz
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20110107222349.6503ed26@kuguar \
--to=marek@piasta.pl \
--cc=jengelh@medozas.de \
--cc=netfilter-devel@vger.kernel.org \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).