Linux netfilter NAT variable

Roman Vasilyev roman at
Wed Dec 8 05:52:32 MSK 2010


I've added very useful for me variable which helps get destination IP 
from netfilter NAT table, in this case we don't need to make extra 
resolving requests, adding code for this variable, is it useful for other?
Also I have question what best attributes for this var? I'm using 

static ngx_int_t
ngx_http_orig_ip(ngx_http_request_t *r, ngx_http_variable_value_t *v,
     uintptr_t data)
   struct sockaddr_in addr;
   socklen_t addr_sz = sizeof(addr);
   bzero(&addr, addr_sz);
   addr.sin_family = AF_INET;

   if (getsockopt(r->connection->fd, SOL_IP, SO_ORIGINAL_DST, &addr, 
&addr_sz) != 0) {
     ngx_log_error(NGX_LOG_ERR, r->connection->log, 0,
     "Couldn't read SO_ORIGINAL_DST from socket errno: %d", errno);
     return NGX_ERROR;

   v->data = ngx_palloc(r->pool, NGX_INET_ADDRSTRLEN);
   v->len=ngx_inet_ntop(AF_INET, &addr.sin_addr, v->data, 
   return NGX_OK;

More information about the nginx mailing list