On Sun, Jul 21, 2002 at 08:38:12PM +0200, Martin Josefsson wrote:
> On Sat, 2002-07-20 at 22:54, Michael Richardson wrote:
>
> > 2) NAT and OE do not mix.
> > This is because the Connection Tracking system that NAT uses does not
> > cope with multihoming - it believes that if a packet leaves on interface
> > X, that it must return on interface X for the NAT to be un-done.
[...]
>
> To my knowledge, the iptables connection tracking is interface
> independent, it doesn't care which interfaces packets come and go on. No
> information about interfaces is saved anywhere.
> I'm not so familiar with the NAT code but I can't find anything relating
> to interfaces there either.

Strongly seconded. And I've been up to my ears in the conntrack code for the
last few days. Nowhere do interfaces appear, except when specified explicitly
by the admin in certain iptables rulesets.

best regards
Patrick
This archive was generated by hypermail 2.1.3 : Mon Jul 29 2002 - 05:20:25 CEST