[tproxy] failure to apply snat mapping?

KOVACS Krisztian hidden@balabit.hu
Fri, 23 Apr 2004 11:59:43 +0200


On Wed, 2004-04-21 at 19:35, Lennert Buytenhek wrote:
> Let's say that I have an app that connects to IP address, and uses
> tproxy to fake the source address as  Bind the socket, then call
> into tproxy, and then connect() and ta da -- everything works as expected.
> Now I decide that that app should not connect to, but instead to
>  I don't want to modify the source and restart it, so I add a nat
> rule in the iptables nat/OUTPUT chain to DNAT the address to
> The app now (unknowingly) connects to, that works fine.  But.. the
> source address used for the connection is now the source address of the box
> and not anymore :((

  Do you have "NAT of local connections" enabled or disabled?

   Krisztian KOVACS