[tproxy] failure to apply snat mapping?
Fri, 23 Apr 2004 11:56:04 +0200
Hacked manual dnat support into the app and scheduled a time slot to restart
it, so this question is not all that important to me anymore right now, but
I'm still interested.
On Wed, Apr 21, 2004 at 07:35:37PM +0200, Lennert Buytenhek wrote:
> Let's say that I have an app that connects to IP address 126.96.36.199, and uses
> tproxy to fake the source address as 188.8.131.52. Bind the socket, then call
> into tproxy, and then connect() and ta da -- everything works as expected.
> Now I decide that that app should not connect to 184.108.40.206, but instead to
> 220.127.116.11. I don't want to modify the source and restart it, so I add a nat
> rule in the iptables nat/OUTPUT chain to DNAT the address to 18.104.22.168.
> The app now (unknowingly) connects to 22.214.171.124, that works fine. But.. the
> source address used for the connection is now the source address of the box
> and not anymore 126.96.36.199? :((
> Is this a case of "Don't do that, then!!"?
> I'm using "tproxy-2.4.22-1.1.3.diff" patched into a Red Hat 2.4.20 kernel
> (2.4.20-20.9 to be exact) on a uniproc P4 2.4GHz, 1G RAM.
> tproxy mailing list