Pre-routing re-write

Pre-routing re-write

[Kevin Bailey]

I'm trying to get a re-write rule to occur after routing has occured.
My host has the address 192.168.10.1 and a gateway of 192.168.10.2
to 192.168.11.0/24.

The re-write rule I have is:

# Map 11 net to 10 net
iptables -t nat -A OUTPUT -d 192.168.11.0/24 -j NETMAP --to 192.168.10.0/24

It does the re-write but, as far as I can tell, isn't using the
default gateway to 192.168.11.0/24.

I assume a POSTROUTING rule might do this, but when I use the
POSTROUTING queue, it doesn't do the translation. Using mangle
or DNAT produce an error, not surprisingly.

Is there any way to do this ?

Re: Pre-routing re-write

[Michele Petrazzo - Unipex]

Kevin Bailey ha scritto:
> I'm trying to get a re-write rule to occur after routing has occured.
>  My host has the address 192.168.10.1 and a gateway of 192.168.10.2 
> to 192.168.11.0/24.
> 

Sorry, but this can be possible. The gw for a network class must be
inside the _same_ class!

> The re-write rule I have is:
> 
> # Map 11 net to 10 net iptables -t nat -A OUTPUT -d 192.168.11.0/24 
> -j NETMAP --to 192.168.10.0/24
> 
> It does the re-write but, as far as I can tell, isn't using the 
> default gateway to 192.168.11.0/24.
> 
> I assume a POSTROUTING rule might do this, but when I use the 
> POSTROUTING queue, it doesn't do the translation. Using mangle or 
> DNAT produce an error, not surprisingly.
> 
> Is there any way to do this ?


Where the packet starts? If you use nat + output you are saying to the
kernel to do a thing when a packet are generated locally.
Are you the gateway for another network (lan)?
However, It's not so well explained what you want to achieve.

Michele

Re: Pre-routing re-write

[Kevin Bailey]

On Fri, Oct 16, 2009 at 01:13:30PM +0200, Michele Petrazzo - Unipex wrote:
>
> Sorry, but this can be possible. The gw for a network class must be
> inside the _same_ class!

The gateway of 192.168.10.2 is quite reachable from 192.168.10.1.

> Where the packet starts? If you use nat + output you are saying to the
> kernel to do a thing when a packet are generated locally.
> Are you the gateway for another network (lan)?
> However, It's not so well explained what you want to achieve.

The packet will be originated locally. I was just asking if it was
possible for a packet that got re-written to be routed beforehand.

Re: Pre-routing re-write

[Michele Petrazzo - Unipex]

Kevin Bailey wrote:

(sorry for late reply, I was so busy)

> On Fri, Oct 16, 2009 at 01:13:30PM +0200, Michele Petrazzo - Unipex 
> wrote:
>> Sorry, but this can be possible. The gw for a network class must be
>>  inside the _same_ class!
> 
> The gateway of 192.168.10.2 is quite reachable from 192.168.10.1.
> 

 From your first email I didn't understand this

>> Where the packet starts? If you use nat + output you are saying to 
>> the kernel to do a thing when a packet are generated locally. Are 
>> you the gateway for another network (lan)? However, It's not so 
>> well explained what you want to achieve.
> 
> The packet will be originated locally. I was just asking if it was 
> possible for a packet that got re-written to be routed beforehand.

I continue to not understand what you want to do, however, for me no.
The packet has to pass all the chains and table and cannot re-enter
inside the kernel flow

Michele