Full header rewrite before local delivery
Jan Engelhardt
jengelh at computergmbh.de
Mon Aug 6 16:55:57 CEST 2007
On Aug 6 2007 16:44, Christophe Jelger wrote:
>
> This means I'd like to use ip_tables to do this full NAT but it
> seems that with the existing code one can only do SNAT in the
> postrouting while I need to do that before local delivery to the IP
> stack. Also I'd still like to use existing modules to NAT FTP, SIP,
> etc ...
I think you can do SNAT in the raw table (PREROUTING and OUTPUT),
before the conntrack tuple is assigned to the skb.
Jan
--
More information about the netfilter-devel
mailing list