LARTC
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[LARTC] Use l7-filter on router performing NAT?

from [John Philips] [Permanent Link][Original]
To: l7-filter-users@lists.sourceforge.net
Subject: [LARTC] Use l7-filter on router performing NAT?
From: John Philips <johnphilips42@yahoo.com>
Date: Wed, 17 Jan 2007 08:37:43 -0800 (PST)
Cc: lartc@mailman.ds9a.nl, l7-filter-developers@lists.sourceforge.net
Delivered-to: sp-com-lists@consult.net
Delivered-to: lartc-list@securepoint.com
Delivered-to: lartc@outpost.ds9a.nl
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=X-YMail-OSG:Received:Date:From:Subject:To:Cc:MIME-Version:Content-Type:Content-Transfer-Encoding:Message-ID; b=kNYZ1WLqXdIkITZTBgjwcyWsnywrGx0kg/TrllHrqdFRQZjOuqnJ7C2/F1k0AtYlJRK5GYCcDif42ovtMSTc/RWvWA0vckFtIecOfhzfMHmnuKkePlZjYwDTcvwFaPmULDHoOF32mplRL2SHFeX4I1AnOkYLvJzc2StloudiYOQ=;
List-archive: <http://mailman.ds9a.nl/pipermail/lartc>
List-help: <mailto:lartc-request@mailman.ds9a.nl?subject=help>
List-id: "Mailinglist of the Linux Advanced Routing &amp; Traffic Control project" <lartc.mailman.ds9a.nl>
List-post: <mailto:lartc@mailman.ds9a.nl>
List-subscribe: <http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=subscribe>
List-unsubscribe: <http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=unsubscribe>
Sender: lartc-bounces@mailman.ds9a.nl 
Hey guys,

Here's an easy one.

Is it possible to use the l7-filter extension on a box
that performs NAT?  The HOWTO says the filter only
works 100% of the time if it can see both sides of the
connection.  I tried putting the l7 MARK rules in the
POSTROUTING chain on a box that does NAT and it does
successfully mark some packets.  I'm not 100% sure if
it's working, or if it should work this way.

I've searched the mailing list archives and Google but
haven't found an answer.

Thanks!


 
____________________________________________________________________________________
Never miss an email again!
Yahoo! Toolbar alerts you the instant new Mail arrives.
http://tools.search.yahoo.com/toolbar/features/mail/
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [LARTC] egress bandwidth not limited / limited extremely inaccurately, Marek Kierdelewicz
Next by Date:  [LARTC] restricting bandwidth using TC, Mike Pearson
Previous by Thread:  [LARTC] bridge and ipp2p question, Roberto Pereyra
Next by Thread:  Re: [l7-filter-developers] [LARTC] Use l7-filter on router performing NAT?, Amin Azez
Indexes:  [Date] [Thread] [Top] [All Lists]