[2906] in linux-net channel archive
Re: IP masquerading and fragmentation
daemon@ATHENA.MIT.EDU (Alan Cox)
Tue May 14 20:00:03 1996
From: Alan Cox <alan@cymru.net>
To: Nigel.Metheringham@theplanet.net (Nigel Metheringham)
Date: Tue, 14 May 1996 17:57:35 +0100 (BST)
Cc: alan@cymru.net, linux-net@vger.rutgers.edu, masq@lists.indyramp.com
In-Reply-To: <m0uJMvm-0006Y5C@dingo.theplanet.co.uk> from "Nigel Metheringham" at May 14, 96 05:26:37 pm
> A better solution would be to process the ICMP packet in some way.
> The only possibility would be that the ip_masquerade table was
> searched for all hosts that were speaking to that target, and each of
> those was sent a copy of the ICMP packet. This obviously has some
> problems such as a proliferation of ICMP packets, and it appears that
> the code to handle this would break the modularity of the ip code
> very effectively!
If you get an unreach or similar frame you get the ip header and 8 bytes +
of tcp.udp header back. So you can demux it (same as if it was really for
you and you had to demux to a socket).
Alan
