* Translation of addresses inside ICMP errors [not found] ` <CAHQn7pLfLuYS=XC1SYxYNPxL35aMD_pU8dd6mFt-FFRiqsrAAg@mail.gmail.com> @ 2012-03-13 10:10 ` Dāvis 2012-03-13 20:58 ` Dāvis 0 siblings, 1 reply; 2+ messages in thread From: Dāvis @ 2012-03-13 10:10 UTC (permalink / raw) To: netfilter When packets are NATed (in very typical case with SNAT when leaving internal network) their IP addresses in IP header are adjusted. ICMP error messages sent via router (running netfilter and doing translation) however contain unmodified "IP Header + First 8 Bytes of Original Datagram's Data" of packets sent in internal network (i.e. IP addresses inside ICMP error messages aren't translated). Is this expected behavior of netfilter? Is it possible to translate IP addresses inside ICMP messages using netfilter? ^ permalink raw reply [flat|nested] 2+ messages in thread
* Re: Translation of addresses inside ICMP errors 2012-03-13 10:10 ` Translation of addresses inside ICMP errors Dāvis @ 2012-03-13 20:58 ` Dāvis 0 siblings, 0 replies; 2+ messages in thread From: Dāvis @ 2012-03-13 20:58 UTC (permalink / raw) To: netfilter I am sorry - looks like netfilter DO translate IP addresses inside ICMP error messages. ^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2012-03-13 20:58 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
[not found] <CAHQn7pLfzDNrEsUawtqeE_yyeqKpUp4n-E=mTaghwdRoJWo5oQ@mail.gmail.com>
[not found] ` <CAHQn7pLfLuYS=XC1SYxYNPxL35aMD_pU8dd6mFt-FFRiqsrAAg@mail.gmail.com>
2012-03-13 10:10 ` Translation of addresses inside ICMP errors Dāvis
2012-03-13 20:58 ` Dāvis
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).