Brendan Cully wrote:
I started something like this a while ago (posted at
<[EMAIL PROTECTED]> with a couple of replies
by Thomas Graf, but I can't seem to find it in the archives) but then
dropped the ball. It seems to work fairly well with a one-line kernel
patch to allow route lookup before the local address check. Oh, and I
didn't get traceroute working quite right either - I think there was
some trick to finding the source address for the generated reply.
I've got some info and code here: http://dsg.cs.ubc.ca/~brendan/remus/
Using your scripts as a starting point, and the one-liner kernel patch,
I was able
to get it mostly working as well. I also see trouble with traceroute
and agree
that the problem is getting the right source-address in the ICMP and/or
UDP response
packets.
I'm going to start digging into the kernel to see if there is some way I
can force the
response out the same interface as it came in from, and also to force
the source IP
to be the same as the port it is leaving on.
Thanks,
Ben
--
Ben Greear <[EMAIL PROTECTED]>
Candela Technologies Inc http://www.candelatech.com
-
To unsubscribe from this list: send the line "unsubscribe netdev" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at http://vger.kernel.org/majordomo-info.html
