>> Maciej Soltysiak <solt@dns.toxicfilms.tv> writes:
>>
>> It looks like the relevant bit of code is:
>>
>> ip_nat_core.c:881 (in 2.4.20)
>> /* Redirects on non-null nats must be dropped, else they'll
>> start talking to each other without our translation, and be
>> confused... --RR */
>> if (hdr->type == ICMP_REDIRECT) {
>> /* Don't care about races here. */
>> if (info->initialized
>> != ((1 << IP_NAT_MANIP_SRC) | (1 <<
>> IP_NAT_MANIP_DST))
>>
>
> Apart from what you're saying, it should be:
>
> if (info->initialized
> & ((1 << IP_NAT_MANIP_SRC) | (1 <<
> IP_NAT_MANIP_DST))
>
> otherwise (maybe that's what Maciej is seeing) redirects for
> connections without natbindings
> will be dropped too.
Sorry this was wrong, it seems because of null_bindings every connection
has at least one
binding per direction.
Bye
Patrick
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/