Martin Schiller wrote:
> On Monday, March 19, 2007 5:02 PM, Patrick McHardy wrote:
>
>>Could you try this patch (against current -git) with CONFIG_XFRM
>>enabled please?
>
>
> I've tried it and the ping is still working now with enabled CONFIG_XFRM.
>
> Thanks for the patch.
Thanks for testi
On Monday, March 19, 2007 5:02 PM, Patrick McHardy wrote:
> Martin Schiller wrote:
>> To be more exactly, it's the examination of
>> "ct->tuplehash[dir].tuple.dst.u.all !=
>> ct->tuplehash[!dir].tuple.src.u.all" which is only be done if XFRM
>> is configured. Since I don't need this anyway, I deac
Martin Schiller wrote:
> To be more exactly, it's the examination of
> "ct->tuplehash[dir].tuple.dst.u.all != ct->tuplehash[!dir].tuple.src.u.all"
> which is only be done if XFRM is configured. Since I don't need this anyway,
> I deactivated XFRM now and my "ping -I" is working now.
Could you tr
Martin Schiller wrote:
> Well, the really responsible code is the following:
>
>
> static unsigned int
> ip_nat_local_fn(unsigned int hooknum,
> struct sk_buff **pskb,
> const struct net_device *in
On Thursday, March 15, 2007 9:51 AM, Patrick McHardy wrote:
> diff -uNpr linux-2.6.19.org/net/ipv4/netfilter/ip_nat_standalone.c
> linux-2.6.19/net/ipv4/netfilter/ip_nat_standalone.c
> --- linux-2.6.19.org/net/ipv4/netfilter/ip_nat_standalone.c
> 2006-11-29 22:57:37.0 +0100
> +++ linux-2.6
Martin Schiller wrote:
> This patch changes the behaivor of the iptables nat module to the style
> before release 2.6.16 so it is possible again to use the "ping -I
> " command to send icmp requests to a target for which no route
> exists.
Please attach patches inline and send netfilter related p
