Source IP NAT
puneet_kumar kumar
puneet_kumar_kumar at yahoo.com
Tue Jul 31 00:01:49 UTC 2018
Hi,
I am trying to change the IP of a TCP packet coming from client and send it to a server. Client ----->freebsd box --> Server. Let's say packet coming out from client has source IP: 1.1.1.1 and dst IP: 1.1.1.10, I am changing the IP of that packet to 1.1.1.100 in ether_input function. Reason behind changing it in ether_input is to do this NAT prior to hit any IPFW rule.
Problem is that packet is not been seen on server. I did check the code path taken without changing ip and with changing ip all the way to ipfw code and it looks like it is not dropping there. I am also recalculating the ip checksum so this cant be an issue either. Can someone suggest me what I am doing wrong?
Puneet
More information about the freebsd-ipfw
mailing list