SO_ORIGINAL_DST does not work in nat/OUTPUT anymore
Harald Welte
laforge at netfilter.org
Sun Jul 10 17:32:34 CEST 2005
On Sun, Jul 10, 2005 at 04:18:16PM +0200, Jens Hoelldampf wrote:
> Hi,
>
> the upstream patch from
>
> https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=91
>
> destroys the functionality of SO_ORIGINAL_DST for local generated
> packets. It returns the local address the connection is redirected to
> instead of the original destination address. As a result you cannot use
> local transparent proxies anymore.
ouch. It seems like we really need to revert that change and find a
different solution for conntrack unloading :(
Thanks for reporting this.
Patrick, are you already working on this?
> Should I open a new bug or reopen the old one?
please open a new one, since it's a different problem.
--
- Harald Welte <laforge at netfilter.org> http://netfilter.org/
============================================================================
"Fragmentation is like classful addressing -- an interesting early
architectural error that shows how much experimentation was going
on while IP was being designed." -- Paul Vixie
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : /pipermail/netfilter-devel/attachments/20050710/c399491d/attachment.bin
More information about the netfilter-devel
mailing list