ak> Masquerading rules don't send ICMP messages.
ak> But there is another problem I first did think of. It means that
ak> Linux 2.1 will never send "normal" DEST_UNREACH/NET_UNREACH
ak> messages because that code uses icmp_send too. So we need to solve
ak> it.
That is exactly my problem. In the case of offline operation the server
also drops all masquerading rules. And even if I don't use firewall
reject rules and just have no route to a destination B set on the server
the client A will not get anything back (Network unreachable etc.)
if A tries to reach B via the server.
Sorry if I did not make this clear enough.
Steffen
-- home email: user@domain where domain=berlin.snafu.de, user=zahn Use of my address for unsolicited commercial advertising is forbidden. 2^3021377 - 1 | "Where do you want to crash today?"- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu