[PATCH] SNAT anyip connections

wlanmac wlan at mac.com
Tue Jun 23 18:16:12 UTC 2009

Great feature, I can't wait to try it out! 

On Tue, 2009-06-23 at 18:11 +0200, Peter Warasin wrote:
> Hi List
> Attached is a patch which adds the option --uamnatanyip.
> If this option is enabled and anyip is also enabled, every anyip
> connection will be NATed to an ip address from the dynamic pool.
> For each new connection an ip address will be requested from the dynamic
> pool which then will be used to SNAT packets of that connection.
> This way host routes are not necessary anymore.
> This is useful if you have coova-chilli on the same host with a proxy or
> a firewall. When you have anyip enabled, that firewall/proxy will see
> connections coming from some external ip addresses, which will bypass
> your firewall configuration or forces you to disable filters.
> Enabling uamnatanyip NATs connections to your dynamic pool subnet, which
> allows you to work only with that subnet on the firewall/proxy.
> This patch is tested for 1.0.12, where it works flawlessly. The attached
> patch is ported to current svn, where I have some problems (hisip is
> always, but I have the same problems without this
> patch, so i assume the patch should be ok.
> If you like the 1.0.12 patch also, simply ask.
> peter
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: chilli-unsubscribe at coova.org
> For additional commands, e-mail: chilli-help at coova.org
> Wiki: http://coova.org/wiki/index.php/CoovaChilli
> Forum: http://coova.org/phpBB3/viewforum.php?f=4

More information about the Chilli mailing list