From mauricio.campiglia@gmail.com Mon May 18 00:43:49 2009 Return-Path: X-Original-To: crhalpin@localhost Delivered-To: crhalpin@localhost.home.crhalpin.org Received: from spiff.home.crhalpin.org (localhost [127.0.0.1]) by spiff.home.crhalpin.org (Postfix) with ESMTP id A66261CC3C for ; Mon, 18 May 2009 00:43:46 -0500 (CDT) Received: from crimson.cs.wisc.edu [128.105.6.43] by spiff.home.crhalpin.org with IMAP (fetchmail-6.3.9) for (single-drop); Mon, 18 May 2009 00:43:46 -0500 (CDT) Received: from shale.cs.wisc.edu (shale.cs.wisc.edu [128.105.6.25]) by crimson.cs.wisc.edu (8.14.1/8.14.1) with ESMTP id n4I5fnVL000994 for ; Mon, 18 May 2009 00:41:49 -0500 Received: from sabe.cs.wisc.edu (sabe.cs.wisc.edu [128.105.6.20]) by shale.cs.wisc.edu (8.14.1/8.14.1) with ESMTP id n4I5fn3s007221 for ; Mon, 18 May 2009 00:41:49 -0500 Received: from spiff.home.crhalpin.org (eagleheights-105-18.resnet.wisc.edu [146.151.105.18]) (authenticated bits=0) by sabe.cs.wisc.edu (8.14.1/8.14.1) with ESMTP id n4I5fnhh030486 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Mon, 18 May 2009 00:41:49 -0500 Received: by spiff.home.crhalpin.org (Postfix, from userid 1001) id 7473A1CC3C; Mon, 18 May 2009 00:41:43 -0500 (CDT) X-Original-To: crhalpin@localhost Old-Delivered-To: crhalpin@localhost.home.crhalpin.org Received: from spiff.home.crhalpin.org (localhost [127.0.0.1]) by spiff.home.crhalpin.org (Postfix) with ESMTP id 47C2F1CC3B for ; Sun, 17 May 2009 22:34:32 -0500 (CDT) Received: from crimson.cs.wisc.edu [128.105.6.43] by spiff.home.crhalpin.org with IMAP (fetchmail-6.3.9) for (single-drop); Sun, 17 May 2009 22:34:32 -0500 (CDT) Received: from shale.cs.wisc.edu (shale.cs.wisc.edu [128.105.6.25]) by crimson.cs.wisc.edu (8.14.1/8.14.1) with ESMTP id n4I3YS9m007520 for ; Sun, 17 May 2009 22:34:28 -0500 Received: from silica.cs.wisc.edu (silica.cs.wisc.edu [128.105.6.34]) by shale.cs.wisc.edu (8.14.1/8.14.1) with ESMTP id n4I3YSPn003380 for ; Sun, 17 May 2009 22:34:28 -0500 Received: from yx-out-2324.google.com (yx-out-2324.google.com [74.125.44.29]) by silica.cs.wisc.edu (8.14.1/8.14.1) with ESMTP id n4I3YQqn025545 for ; Sun, 17 May 2009 22:34:27 -0500 Received: by yx-out-2324.google.com with SMTP id 8so1539394yxb.51 for ; Sun, 17 May 2009 20:34:25 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:received:sender:from:to:subject:date :user-agent:mime-version:content-type:content-transfer-encoding :message-id; bh=mrCnj+peIRZyFKKUom45vtHHHalEHjngUu8ydLdXIQI=; b=Nos28h4Ki/p8AmLuXUIXnY08sJVz5cZfP7iobo92FgBcAaISCSmb+j/226Ei+CM1cN E/379QNgPRWBM0YC7x6zP5U4BfI7HBYnZEjm5LVOrQZuMYavm62xesV8Yq/wMeRSmNiO wlhgPUBIWpJa25vLEGPFSAY+xeYhS45LTQj94= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=sender:from:to:subject:date:user-agent:mime-version:content-type :content-transfer-encoding:message-id; b=G74tCLyIQKXgrQXPzZF94Mu3MBiPsEAYsLOz8YvF6tSVpv1DmfnBPJHznKvXtXt+vR vPizFC34icWwnEdzfLZ8q9qh3QWjpGRpfJnv7sa5bFOKMCnRH37Ev9zGWrphhgiOKvuv igizNl84V7Lb5mNiQc8hgdqbMPLIyVYRdli20= Received: by 10.90.86.10 with SMTP id j10mr5493898agb.59.1242617665125; Sun, 17 May 2009 20:34:25 -0700 (PDT) Received: from aldebaran.localnet (r190-64-27-81.dialup.adsl.anteldata.net.uy [190.64.27.81]) by mx.google.com with ESMTPS id 6sm12119406ywi.58.2009.05.17.20.34.23 (version=TLSv1/SSLv3 cipher=RC4-MD5); Sun, 17 May 2009 20:34:24 -0700 (PDT) Sender: Mauricio Campiglia From: Mauricio Campiglia To: chalpin@cs.wisc.edu Subject: Incorrect packet traversal path on your Netfilter page? Date: Mon, 18 May 2009 00:34:03 -0300 User-Agent: KMail/1.11.2 (Linux/2.6.26-2-686; KDE/4.2.2; i686; ; ) MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart2389499.aip7uZ08Kp"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200905180034.15041.mauricio@campiglia.org> (sfid-20090517_22343_E096A717) X-Seen-By: mailfromd 4.1 silica.cs.wisc.edu X-Virus-Status: No X-Virus-Checker-Version: clamassassin 1.2.4 with clamdscan / ClamAV 0.95.1/9365/Sat May 16 07:41:29 2009 X-CRM114-Version: 20090423-BlameSteveJobs ( TRE 0.7.5 (LGPL) ) MR-9B0B3C9E X-CRM114-CacheID: sfid-20090517_22343_E096A717 X-CRM114-Status: UNSURE ( 9.16 ) X-CRM114-Notice: Please train this message. X-TMDA-Confirm-Done: 1242617693.82104.1b4d37 X-TMDA-Released: Mon, 18 May 2009 00:41:42 -0500 X-RecFor-Recipient: chalpin@cs.wisc.edu --nextPart2389499.aip7uZ08Kp Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Corey, I have come across your Netfilter page [0]. Thanks for letting people=20 understand Netfilter in a simple and straightforward way. I have,=20 nevertheless, a couple of diferences on wich, afaik, are the correct=20 traversal of packets. Where you write: forwarded nat/PREROUTING -> filter/FORWARD -> nat/OUTPUT -> nat/POSTROUTING=20 outgoing filter/OUTPUT -> nat/PREROUTING -> nat/OUTPUT -> nat/POSTROUTING I think the correct flows are [1]: forwarded nat/PREROUTING -> filter/FORWARD -> nat/POSTROUTING=20 outgoing nat/OUTPUT -> filter/OUTPUT -> nat/POSTROUTING [0]http://pages.cs.wisc.edu/~chalpin/project/netfilter.html [1]http://pub1.zcjh.tpc.edu.tw:9100/computer/Lists/Discussion/Attachments/1= /PacketFlow.png Regards, Mauricio Campiglia =2D-=20 =C2=ABHistory is a vast early warning system.=C2=BB --Norman Cousins-- --nextPart2389499.aip7uZ08Kp Content-Type: application/pgp-signature; name=signature.asc Content-Description: This is a digitally signed message part. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux) iEYEABECAAYFAkoQ1ywACgkQ++X8pZRW0Wq8CgCgoi4ET6UwUuqNkiJX2SUVCNq5 zs8AniaI78P46h9ZFiUc+pxfapI2s0mF =/yJS -----END PGP SIGNATURE----- --nextPart2389499.aip7uZ08Kp--