search for: pre_routing

Hello, I''m stuck IPSECing my wireless network at home and would appreciate any comments. I appologize in advance if I''m wasting your time with trivia - I''m not a professional and staring at the problem for days from various angles hasn''t done me any good ... My home server/firewall (morannon) is hooked up through an USB to ethernet adapter (eth1) to my DSL

https://bugzilla.netfilter.org/bugzilla/show_bug.cgi?id=400 ------- Additional Comments From kaber@trash.net 2006-01-25 12:55 MET ------- Please add a LOG rule to PRE_ROUTING in the mangle table and post the output. BTW, are you using hardware checksumming (check with ethtool) on the underlying ethernet device? -- Configure bugmail: https://bugzilla.netfilter.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee...

Poking around in the bridge latency issue I have, I discovered this netfilter patch. http://patchwork.netfilter.org/netfilter-devel/patch.pl?id=2751 In my case I was getting a slew of ip_local_deliver: bad skb: PRE_ROUTING LOCAL_IN LOCAL_OUT POST_ROUTING entries. I didn''t see this on the list so I posted for reference. Regards, Ted _______________________________________________ Xen-devel mailing list Xen-devel@lists.xensource.com http://lists.xensource.com/xen-devel

...------------------------------------------------------------------------- Status|NEW |ASSIGNED ------- Additional Comments From laforge@netfilter.org 2003-02-14 09:02 ------- This is a really hard issue. The problem is that we _need_ to defragment at NF_IP_PRE_ROUTING in order to have the be able to do connection tracking. So at this point we would need to save the sizes of all individual fragments. This would enable us to re-fragment to exactly the same size at POST_ROUTING. Another obvious approach was to check for IP_DF and see if it is bigger than the MT...

...in the prerouting stage but I really need to use the classify command which only works in the postrouting. Does any one have a patch for 2.6 kernel, latest pom and iptables 1.3.5 so time matching can occur in the post routing? machinenemae login: ipt_time loading ipt_time: error, only valid for PRE_ROUTING, LOCAL_IN, FORWARD and OUTPUT) many thanks william

...in the prerouting stage but I really need to use the classify command which only works in the postrouting. Does any one have a patch for 2.6 kernel, latest pom and iptables 1.3.5 so time matching can occur in the post routing? machinenemae login: ipt_time loading ipt_time: error, only valid for PRE_ROUTING, LOCAL_IN, FORWARD and OUTPUT) many thanks william

...ts were partially or totally overlapped? Another approach could be the following: if the DF flag is set in the fragments of a packet, the maximum length fragment determines the fate of the whole packet during routing. A possible solution could be to save the maximum length of fragments in PRE_ROUTING. Then we can use this maximum length to re-fragment on POST_ROUTING (possibly producing more or less fragments than received) and we can set the DF flag on fragments. In this way NAT can shrink or enlarge packets without causing any problem. (yes, I know... my English is terrible... ;) )...

Hello guys I don''t know if this thing has been posted before (if it was , please forgive me). I have 7 computers at home and I want all of them to have access to the internet. In order to do that , I set up a linux router (2 network cards) as a usual router (eth0 : 82.77.69.75 - internet connection ; eth1 : 192.168.10.1 - local network) . The other computers have ips ranging from

https://bugzilla.netfilter.org/cgi-bin/bugzilla/show_bug.cgi?id=71 ------- Additional Comments From laforge@netfilter.org 2003-03-30 21:18 ------- First of all: You didn't even specify the particular kernel version you are running, not even mentioning which versions of which patches you are using (if any). Secondly, I don't see anything strange in this setup. DNAT with FTP sessions