Under QNX 6.3 I can get IPFilter/IPNat up and running, but when I try to make use of them in application (SQUID and oops! proxy servers working in transparent mode) i get nothing useful.
To test what a problem is I write my own simple application:
it listens on port 1123 and waits for connection. After connection is accepted I try to determine what was the real destination.
First of all, rdr rule in my ipnat.conf looks like this:
rdr en1 0.0.0.0/0 port 123 → 10.0.1.7 port 1123 tcp
so any tcp connection targeting any host on port 123 gets redirected to my app. The NAT works perfectly and I always accept redirected connection.
Then the code itself:
struct natlookup natLookup, *natLookupP = &natLookup;
static int natfd = -1, r;
natLookup.nl_inport = my_sa.sin_port;
natLookup.nl_outport = client_sa.sin_port;
natLookup.nl_inip = my_sa.sin_addr;
natLookup.nl_outip = client_sa.sin_addr;
natLookup.nl_flags = IPN_TCP;
natfd = open(IPL_NAT, O_RDONLY, 0);
#define NEWSIOCGNATLCMD _IOWR('r', 63, struct natlookup *)
if ( SIOCGNATL == NEWSIOCGNATLCMD)
r = ioctl(natfd, SIOCGNATL, &natLookupP);
else
r = ioctl(natfd, SIOCGNATL, &natLookup);
#undef NEWSIOCGNATLCMD
if ( r < 0 ) {
/*NAT lookup failed*/
} else {
struct sockaddr_in sa;
memset(&sa,0, sizeof(sa));
sa.sin_addr = natLookup.nl_realip;
sa.sin_port = natLookup.nl_realport;
}The problem is that running “ipnat -l” I can see the connection is redirected and can see real destination. But as for program - it does not work 
The problem is that I always get r = 3 from ioctl() call, which means “nothing found”. Really - looking into what is in the natlookup structure after ioctl() call reveals that it stays untouched.
I tried different combinations filling the structure before call. I tried old semantics of call (passing pointer to structure instead of pointer to pointer).
Nothing seems to help me.
If someone faced this problem or has any ideas on the topic - I would really appreciate any help.
