On Monday, March 19, 2007 5:02 PM, Patrick McHardy wrote:
Martin Schiller wrote:
To be more exactly, it's the examination of
ct-tuplehash[dir].tuple.dst.u.all !=
ct-tuplehash[!dir].tuple.src.u.all which is only be done if XFRM
is configured. Since I don't need this anyway, I deactivated XFRM
Martin Schiller wrote:
On Monday, March 19, 2007 5:02 PM, Patrick McHardy wrote:
Could you try this patch (against current -git) with CONFIG_XFRM
enabled please?
I've tried it and the ping is still working now with enabled CONFIG_XFRM.
Thanks for the patch.
Thanks for testing, I'll
Martin Schiller wrote:
To be more exactly, it's the examination of
ct-tuplehash[dir].tuple.dst.u.all != ct-tuplehash[!dir].tuple.src.u.all
which is only be done if XFRM is configured. Since I don't need this anyway,
I deactivated XFRM now and my ping -I is working now.
Could you try this
Martin Schiller wrote:
This patch changes the behaivor of the iptables nat module to the style
before release 2.6.16 so it is possible again to use the ping -I iface
target command to send icmp requests to a target for which no route
exists.
Please attach patches inline and send netfilter
On Thursday, March 15, 2007 9:51 AM, Patrick McHardy wrote:
diff -uNpr linux-2.6.19.org/net/ipv4/netfilter/ip_nat_standalone.c
linux-2.6.19/net/ipv4/netfilter/ip_nat_standalone.c
--- linux-2.6.19.org/net/ipv4/netfilter/ip_nat_standalone.c
2006-11-29 22:57:37.0 +0100
+++
Martin Schiller wrote:
Well, the really responsible code is the following:
static unsigned int
ip_nat_local_fn(unsigned int hooknum,
struct sk_buff **pskb,
const struct net_device *in,