From: Bill <boober95@rogers.com>
To: Adel Belhouane <bugs.a.b@free.fr>
Cc: Netfilter Users Mailing list <netfilter@vger.kernel.org>
Subject: Re: Connection tracking Cli and an ALG for DNS
Date: Wed, 2 Dec 2015 17:36:11 -0500 [thread overview]
Message-ID: <201512021736.11255.boober95@rogers.com> (raw)
In-Reply-To: <565ED22F.7070903@free.fr>
No worries, your comments got me thinking more about my problem, which is
always a good thing, thanks again.
/bill
On Wednesday 02 December 2015 06:12, Adel Belhouane wrote:
> Le 19/11/2015 19:52, Bill a écrit :
> > For reference here is my diagram again:
> >>>> local host dns/nat gateway remote host
> >>>> 192.168.20.171 192.168.20.170 192.168.30.172
> >>>> 192.168.30.170
> >>>> inside ----->>> nat >>> ------ outside
> >
> > As you can see, DNAT would no do for my requirements since I'd have to
> > add/delete iptables rules, which I supposed I could do, but doesn't seem
> > te right approach.
> >
> > Now since my original posting I have been reading code and have manged to
> > create an e'expect' connection by upgrading to the latest 4.4 kernel. In
> > this version I find the sample test 'create-expect' works.
> >
> > After succeeding with this I realize I may need to build a kernel module
> > for the expectation and have started looking at the kernel code for this,
> > such as those for FTP etc.
>
> I didn't get before that the "ALG" part was essential. I read a summary
> here:
> https://www.juniper.net/documentation/en_US/junos12.1x47/topics/concept/sec
>urity-alg-dns-overview.html
>
> So I still don't get exactly what you are looking for (sorry), but I
> realize it's related to DNS data content, not just connections. Sorry to
> have waisted your time with my replies and good luck with your project.
>
> > /bill
>
> regards,
> Adel BELHOUANE.
prev parent reply other threads:[~2015-12-02 22:36 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-11-04 18:32 Connection tracking Cli and an ALG for DNS Bill
2015-11-06 22:27 ` [Bulk] " Bill
2015-11-15 18:26 ` Adel Belhouane
2015-11-15 18:45 ` Adel Belhouane
2015-11-19 18:52 ` Bill
2015-12-02 11:12 ` Adel Belhouane
2015-12-02 22:36 ` Bill [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201512021736.11255.boober95@rogers.com \
--to=boober95@rogers.com \
--cc=bugs.a.b@free.fr \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox