[tproxy] cttproxy-2.4.25-1.9.3 + nat_delete

Andrew Ivins aivins@swiftel.com.au
Tue, 27 Apr 2004 15:22:38 +0800

Hi, this may be a question for KOVACS Krisztian:

I have experimented with binding to a foreign source address using =
cttproxy-2.4.25-1.9.3 and the foreign-tcp-connect program. However I =
skipped the nat_delete part of the patch as I was not able to apply it. =
Foreign-tcp-connect actually works perfectly with the peer seeing the =
spoofed address. However after working, it will consistently fail for =
several minutes. Then it will work once and the cycle will repeat. I'm =
guessing this has something to do with the nat_delete patch I skipped.

>From the mailing list archives:

> The nat_delete patch has been adapted to the new TCP window-tracking
> patch by Jozsef Kadlecsik, so this patch needs the current
> tcp-window-tracking module from the Netfilter Patch-o-matic NG =
> If you don't want do do that, 04-nat_delete.patch can be skipped =

I tried this. The tcp-window-tracking patch seemed to apply to the =
vanilla 2.4.25 kernel successfully. However the 04-nat_delete.patch =
still fails to apply (included below)

Any chance of a list of the which patches need to be applied to make =
cttproxy-2.4.25-1.9.3 apply cleanly including 4-nat_delete.patch?



/usr/src/linux# patch -p1 < =
patching file net/ipv4/netfilter/ip_conntrack_core.c
Hunk #1 FAILED at 357.
1 out of 4 hunks FAILED -- saving rejects to file =
patching file net/ipv4/netfilter/ip_nat_core.c
Hunk #2 succeeded at 285 with fuzz 1.
patching file net/ipv4/netfilter/ip_conntrack_proto_tcp.c
patching file net/ipv4/netfilter/ip_conntrack_standalone.c
Hunk #1 FAILED at 508.
1 out of 1 hunk FAILED -- saving rejects to file =
patching file include/linux/netfilter_ipv4/ip_conntrack.h
Hunk #3 FAILED at 263.
1 out of 3 hunks FAILED -- saving rejects to file =