Question: LSRR?
Pol Muaddib
muaddib@mailandnews.com
Sat, 7 Jul 2001 14:08:32 +0200
Hi,
Well i don't really want to touch the packets themselves on the firewall,
just want the linux to function as a normal router. when i use traceroute
with LSRR, it doesn't forward my packets. (i use the linux as a masquerading
box). do you know what is the problem.
Maybe i explicitly have to tell netfilter to forward the packets?
* - * - *
Tzahi Fadida
Tzahi@mailandnews.com
Fax (+1 Outside the US) 240-597-3213
* - * - * - * - * - *
-----Original Message-----
From: netfilter-admin@lists.samba.org
[mailto:netfilter-admin@lists.samba.org]On Behalf Of Fabrice MARIE
Sent: Saturday, July 07, 2001 7:14 AM
To: Pol Muaddib; netfilter@us5.samba.org
Subject: Re: Question: LSRR?
On Saturday 07 July 2001 10:03, Pol Muaddib wrote:
> can netfilter handle LSRR and can it masq LSRR? if so why doesn't it masq
> my LSRR requests? (i tried to use known software like Visualroute 5.3, but
> it doesn't do the trick).
Hello,
It all depend what you call "handling LSRR"...
There is an experimental match 'ipv4options' that will allow you to match
packets with LSRR option set :
"IPV4OPTIONS v1.2.2 options:
--ssrr (match strict source routing flag)
--lsrr (match loose source routing flag)
--no-srr (match packets with no source routing)
[!] --rr (match record route flag)
[!] --ts (match timestamp flag)"
But it needs more testing. I've tested sucessfully record route
flag, but not really the others. Give it a try and let me know
if it doesn't work.
I haven't written the corresponding target yet. Meaning for now
you cannot mangle LSRR or SSRR flags within netfilter yet.
Have a nice day,
Fabrice.
--
Fabrice MARIE
R&D Engineer
Celestix Networks
http://www.celestix.com/
"Silly hacker, root is for administrators"
-Unknown