Hello,
I am totally confused about the whole SNAT, snat_reroute, NFCT, etc. I have
downloaded Julian's NFCT patch for my kernel (CentOS 4.4
2.6.9-42.0.10.ELsmp), patched/built/installed the kernel, echoed 1 >
/proc/sys/net/ipv4/vs/conntrack and snat_reroute, wrote an iptables rule
that looks like this: iptables -t nat -A POSTROUTING -p tcp -s $MYIP -d $RIP
--dport $SOMEPORT -j SNAT --to-source $DEFAULTGATE, sent the appropriate
traffic that should get caught and manipulated by the previous rule,
experienced no results, googled, read all kinds of stuff about this topic,
and was left totally confused.
My question is:
Does the NFCT patch allow you to do an iptables style SNAT to traffic
leaving the LVS box, or does it allow you to route the packets using the
ip2route suite?
If it does not enable iptables style SNAT then does the patch provided by
Janusz Krzysztofik at http://www.icnet.pl/download/ip_vs_dr-conntrack.patch
allow you to at least do an iptables style SNAT to LVS-DR type packets?
I apologize if I sound &^$^&*^ but I have been working on this for two days
now and haven't gained any ground and my head is just swimming and I don't
know what to believe anymore.
Thanks.