Hi JF, On Thu, 12 Nov 2009, JF Cliche wrote:
> I am behind two NAT routers (Linksys running DD-WRT) with port > forwarding up to the machine running pmacct, and yet pmacct reports SSH > traffic to the forwarded port with the public (external, non-NATed) > addresses. I thought all traffic should be seen as coming from the > second router private address. Is pmacct (or underlying pcab library) > getting the public address from extra data encapsulated in the TCP > packets by the routers or in the SSH protocol? I've seen the opposite > problem being discussed in this forum, but not this... NAT usually affects only the source address of outbound connections, and the destination address of inbound ones. There's no need for it to change the source of your incoming (to the pmacct server) SSH connection, as its reply packets will still go back to the SSH client via the router, which is necessary in order to have their source IP natted. Cheers, Chris. -- Aptivate | http://www.aptivate.org | Phone: +44 1223 760887 The Humanitarian Centre, Fenner's, Gresham Road, Cambridge CB1 2ES Aptivate is a not-for-profit company registered in England and Wales with company number 04980791. _______________________________________________ pmacct-discussion mailing list http://www.pmacct.net/#mailinglists