Re: 4.0.1 NAT checksum failure?

>> Can anyone confirm or refute the theory that 4.0.1's NAT simply
>> doesn't get checksums right for addresses on alias networks [...]
> It's not exactly clear to me which is inbound and outbound in the
> example (it's also late in my tz, admitedly), but is it possible that
> because hardware TCP4 checksum is enabled the dumps don't report it
> properly yet output packets get the sum adjusted at actual delivery?

Well, not TCP4, because this isn't TCP; it happens even on pings.  But
presumably IP-layer checksums have similar bits.

It definitely is not as simple as I thought/feared it might be; I did
some more tests and found a test case where a ping from a non-alias
network does not get NATted correctly.  Now I need to figure out what
the _actually_ relevant difference between working and broken is. :-/

Also, it's not just checksum offload; all network interfaces on this
machine are configured with no checksum offload, even the ones that are
capable of doing it.  I definitely need to focus on the checksum code,
though since it's a checksum issue that's been obvious from the start.

/~\ The ASCII				  Mouse
\ / Ribbon Campaign
 X  Against HTML		mouse <at> rodents-montreal.org
/ \ Email!	     7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B