At long last! full support of ipfilter on linux is HERE.
guess what? NAT is working!
Darren sent me this patch!
im using ipfilter 4.1.6 and RedHat 9 though.
thanks darren for this wonderful software and finally i can scap
iptables for good! :D
From: Darren Reed <[EMAIL PROTECTED]>
Date: March 2, 2005 1:10:46 AM GMT+08:00
To: Jett Tayer <[EMAIL PROTECTED]>
Subject: Re: ipfilter: nat on linux
Try this patch for size.
You should remove Linux/ip_nat.c after applying the patch to
make
sure that file gets rebuilt and the .o's recompiled.
Darren
Index: ip_nat.c
===================================================================
RCS file: /devel/CVS/IP-Filter/ip_nat.c,v
retrieving revision 2.195.2.31
diff -c -r2.195.2.31 ip_nat.c
*** ip_nat.c 19 Feb 2005 15:22:48 -0000 2.195.2.31
--- ip_nat.c 22 Feb 2005 17:08:02 -0000
***************
*** 4022,4028 ****
* fast forwarding (so that it doesn't need to be recomputed)
but with
* header checksum offloading, perhaps it is a moot point.
*/
! #if !defined(_KERNEL) || defined(MENTAT) || defined(__sgi) ||
defined(__osf__)
if (nat->nat_dir == NAT_OUTBOUND)
fix_incksum(fin, &fin->fin_ip->ip_sum, nat->nat_ipsumd);
else
--- 4022,4029 ----
* fast forwarding (so that it doesn't need to be recomputed)
but with
* header checksum offloading, perhaps it is a moot point.
*/
! #if !defined(_KERNEL) || defined(MENTAT) || defined(__sgi) ||
\
! defined(__osf__) || defined(linux)
if (nat->nat_dir == NAT_OUTBOUND)
fix_incksum(fin, &fin->fin_ip->ip_sum, nat->nat_ipsumd);
else
--
Jett Tayer
Chikka Asia, Inc.
3104-B, East Tektite Towers,
Philippine Stock Exchange Center
Exchange Road, Ortigas
Pasig City, Philippines
tel:+632 757.2640
fax: +632 7572633
[EMAIL PROTECTED]
