On 9 December 2016 at 00:57, Aswin S <[email protected]> wrote: > Hi , > > > I was trying to use the ct action ( actions=ct(table=252,zone=5001)) for a > packet which got modified in the pipeline, like I have swapped the layer 3 > and layer 4 parameters. But in the netfilter event log I couldn't see a > modified packet being received. > > If a packet is modified in the pipeline and when it is send to netfilter, > do we send the original one or the modified one when using ct action ?
It depends on where in the pipeline you modify the packet and where you send it to conntrack. Actions are executed in order, so I'd expect that if you modify l3/l4 fields before executing ct() action then conntrack should see the modified packet. Note that there was a netfilter events bug fixed a few months ago which may also explain why you don't see the modified packet. Consider upgrading to the latest version of your kernel, or using OVS 2.6 and its backport module. For reference, here's the commit: https://github.com/torvalds/linux/commit/d913d3a763a6f66a862a6eafcf6da89a7905832a _______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
