|
In message <3.0.1.32.19990329224820.006aa4c4@xxxxxxxxxxxx> you write:
> In this section, you want to port the vs patch to kernel 2.2 still as
> a part of masqueradering code. I think it just need manually patching
> the vs to kernel 2.2, it will work.
It should; that code is very similar.
> All other that we need to do with ipchain is to use ipchain utility
> to specify some rules to let packets destined for virtual service pass
> to the masquerading code, at least not let packets filtered out.
There is the ability to "mark" skbuffs: an ipchains rule can alter the
"fwmark" field in the skb. A later stage (in your case, the virtual
server) can interpret these values.
This means you don't have to use any special version of ipchains
(although I've been thinking of allowing a short (4-char) arguments to
ipchains' -m option to make some things like this more friendly).
Rusty.
--
.sig lost in the mail.
|
