I've been trying to use the SIOCSTPUT ioctl on /dev/ipnat to create temporary NAT mappings/sessions changing the source address of outgoing connections. My test program is attached. If anyone could tell me where I might be going wrong, I'd very much appreciate it.
What I'm trying to do is, in C, make an outgoing connection to somewhere (DEST_HOST) from some arbitrary source address (SPOOF_HOST) which is not configured on my network card. DEST_HOST will have its default route set to me, so the return traffic will make it back to me. (In reality there will be many SPOOF_HOSTs and a few DEST_HOSTs.)

Currently observed results are that a session appears in the output of ipnat -lv as follows, but, looking at the packets on the wire, no address transformation seems to happen:

    unknown(0000) 1.1.1.1 35375 <- -> 2.2.2.2 35375 [3.3.3.3 9999]

In this example, 1.1.1.1 was the real local IP, 2.2.2.2 was the SPOOF_HOST and 3.3.3.3 was the DEST_HOST.

It's entirely possible that I simply have some fields the wrong way around, but I've tried a few different permutations and what I'm using at the moment follows the ipnat(7i) man page as I understand it.

The ipfilter service is definitely running (the ioctl gives me EIO when it isn't) and the uname is "SunOS sisyphus 5.10 Generic_127128-11 i86pc i386 i86pc" (isainfo -k says amd64).

Any ideas? :-)

This message posted from opensolaris.org
_______________________________________________
networking-discuss mailing list
