]> git.baikalelectronics.ru Git - kernel.git/commit
projects / kernel.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: bdf947d) | patch
IPVS: make friends with nf_conntrack
authorHannes Eder <heder@google.com>
Fri, 23 Jul 2010 10:46:32 +0000 (12:46 +0200)
committerPatrick McHardy <kaber@trash.net>
Fri, 23 Jul 2010 10:46:32 +0000 (12:46 +0200)
commitd255020a2f0d081a6eb2475ff54a353c18f15230
tree65172fb8eec92848efee3b76f32ff3dabc4c84fatree | snapshot
parentbdf947d4ce6df11d23bf1cc064d6c86eab3f3d96commit | diff
IPVS: make friends with nf_conntrack

Update the nf_conntrack tuple in reply direction, as we will see
traffic from the real server (RIP) to the client (CIP).  Once this is
done we can use netfilters SNAT in POSTROUTING, especially with
xt_ipvs, to do source NAT, e.g.:

% iptables -t nat -A POSTROUTING -m ipvs --vaddr 192.168.100.30/32 --vport 80 \
  -j SNAT --to-source 192.168.10.10

[ minor fixes by Simon Horman <horms@verge.net.au> ]
Signed-off-by: Hannes Eder <heder@google.com>
Signed-off-by: Simon Horman <horms@verge.net.au>
Signed-off-by: Patrick McHardy <kaber@trash.net>
net/netfilter/ipvs/Kconfig diff | blob | history
net/netfilter/ipvs/ip_vs_core.c diff | blob | history
net/netfilter/ipvs/ip_vs_xmit.c diff | blob | history
Linux Kernel Source Tree.