* iptables/advanced routing
@ 2001-09-07 19:14 Elmer Joandi
From: Elmer Joandi @ 2001-09-07 19:14 UTC
To: linux-kernel
2.4.2-ac3
ip rule : many rules
ip route: several tables
doing nat, tunnels, source address based routing, QoS
Problems:
1. ICMP packets do not pass advanced routing rules and tables, take default
   route and associated outgoing source address from main table.
   1. nat tunnel icmp fragmentation gets correct source address but bad
      route
   2. non-nat generated icmp gets also source address from main table.
   3. if main table does not have default, icmp source address decision
      could go through rules.
2. iptables does not accept SNAT in PREROUTING chain. Which makes ip rule
   tables very long, much longer than it could be if source address would be
   changed before routing.