netfilter.vger.kernel.org archive mirror
* SNAT on local interfaces?
From: Dave Malhotra @ 2009-12-03 17:47 UTC
  To: netfilter

 I have a custom proxy which is being used to direct traffic based on
application layer data. The proxy receives connections from foreign
addresses and then proxies them to applications running on the local
machine--the same machine the proxy is running on.

The problem is that all the connections to applications appear to come
from the proxy server's IP address instead of the originating foreign
address. We need the source address to be the foreign address and
tried to use SNAT to do it. But apparently SNAT doesn't work when the
source and destination addresses are all on local interfaces.

When I do a tcpdump I see all the traffic that should be caught by the
SNAT rule appears on the loopback interface. When I check the rule no
packets are caught by it.

Is there any way to get SNAT to work for local source and destination
addresses? Or is this some sort of limitation imposed by the kernel or
iptables?

 thanks,

 Dave
