-
Notifications
You must be signed in to change notification settings - Fork 268
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
tcprewrite only checks packets against the first CIDR pair in the --srcipmap option #199
Comments
To assist reproduction, here is a base64 dump of the pcap file. The md5 checksum of the file is included:
|
fklassen
added a commit
that referenced
this issue
Dec 15, 2015
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
I originally found this with tcprewrite version 3.4.4, and verified it still exists on 4.1.0beta2. It looks like tcprewrite only checks packets against the first CIDR pair in the
--srcipmap
option. It may only be when dealing with host IPs (/32), but I wasn't able to test with wider ranges.I have a pcap with a two packets, each from a different source.
I try to rewrite both sources (.41 and .43) to my IP (.81) so I can stream it out without the switch complaining...
But it only checks the first mapping, not the second, and doesn't rewrite the second source (.43). Here's proof:
I tried it also without specifying CIDR form, just giving the IPs directly, and the same issue occurs:
I try to switch the order of the mapping, and this confirms that tcprewrite only appears to look at the first mapping:
The text was updated successfully, but these errors were encountered: