Login or Register to Ask a Question and Join Our Community


Ubuntu

iptable forward packet

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems Linux Ubuntu iptable forward packet
# 1  
Old 02-15-2012
iptable forward packet
Hi,
I have the doubt which involved following configuration.
comp1<--->main<--->comp2
Comp1 sends icmp packet to main. Main takes that packet and changes destination address to comp2 and source address to it own.
I can capture the packet send from comp1 to main using netfilter. I can see the packet and its content. Then i modify the destination, source address and ip checksum successfully. But when i release it back to the kernel the packet never goes back to comp2. To release back packet i use nfq_set_verdict(....,NF_ACCEPT). If i capture packet from output chain of main when its sending ping reply back to comp1 my program modifies that packet and sends it to comp2 but if i capture packet from input chain of filter table than it does not forward that to modified address. I think this maybe because once the packet is in input chain of filter table modifying destination address means nothing. Can someone assist me how to forward packet from comp1 to comp2 through main.
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. AIX

Packet loss coming with big packet size ping

(5 Replies)
Discussion started by: Vishal_dba
5 Replies

2. UNIX for Advanced & Expert Users

Iptable and port forwarding

Hello, I have a routeur linksys (192.168.1.1 ) a firewall (192.168.1.55 IN ----> 192.168.2.254 OUT) which using iptable I want to acces to an equipment (lorex video camera serveur 192.168.2.44) which using an ddns service on the port 9000 So i don t know which redirection a will do on the... (2 Replies)
Discussion started by: tapharule
2 Replies

3. Red Hat

iptable port forwarding between two lan interface

Hi, How can I config iptables to allow port forwarding from one WAN interface to second lan interface . In my system I have one wan interface 61.93.204.56 (eth0),and lan interface 10.2.1.52(eth1) I want to make port forward port no 22 from 61.93.204.56 to port 22 , 10.2.1.52 , tcp and udp... (1 Reply)
Discussion started by: chuikingman
1 Replies

4. Red Hat

Need help with Iptable/Firewall on RHEL.

Hi Gurus, I am facing an issue with firewalls on one of my Linux Box. Issue : Port 8001 looks open to me and there is a weblogic process running on it netstat -alnp | grep 8001 tcp 0 0 ::ffff:3.20.247.165:8001 :::* LISTEN 28768/java lsof -ni... (5 Replies)
Discussion started by: rama krishna
5 Replies

5. Ubuntu

forward packet from input chain to output

Hi, I receive a packet at input chain of iptables in filter table. How can i forward that same packet exactly to the output chain of the iptables in filter table. I need this help desperately. Thanks. (0 Replies)
Discussion started by: arsipk
0 Replies

6. Ubuntu

Iptables forward traffic to forward chain!!!

Hi, I am new to linux stuff. I want to use linux iptables to configure rule so that all my incoming traffic with protocol "tcp" is forwarded to the "FORWARD CHAIN". The traffic i am dealing with has destination addresss of my machine but i want to block it from coming to input chain and somehow... (0 Replies)
Discussion started by: arsipk
0 Replies

7. Red Hat

How to route multiple IP addresses with IPTABLE command?

Hi, We have a router and devices for testing. We route devices with below command iptables -t nat -A PREROUTING -p tcp -d 0/0 --dport 80 -s 10.111.111.22 -j DNAT --to-destination 10.13.0.16:3128 where 10.111.111.22 is device IP. and 10.13.0.16 is our Linux box machine. Likewise we... (4 Replies)
Discussion started by: Dhruvak
4 Replies

8. IP Networking

unable to find iptable service

Hi Am trying to check the service of iptables using /etc/init.d/iptables status but I am not even getting this file. # /etc/init.d/iptables status -bash: /etc/init.d/iptables: No such file or directory # I tried to check whether iptables rpm is installed or not, and it is... (2 Replies)
Discussion started by: mangeshpardhi
2 Replies

9. UNIX for Dummies Questions & Answers

IPtable

Hi, Is het possible to block everyone (all IP addresses) except a given (white)list? How can I do this? Regards, Kevin (2 Replies)
Discussion started by: kever
2 Replies

10. Linux

IPtable rule help need

Hi, I need to configure iptable such that whatever request comes to 192.168.0.4 needs to forwarded to 192.168.0.50 and only port 80 and 443 needs to be forwarded others need to be blocked.... Thanks gr8 forum:) (1 Reply)
Discussion started by: iron_michael86
1 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

net_inject_t

net_inject_t(9S)					    Data Structures for Drivers 					  net_inject_t(9S)

NAME

       net_inject_t - structure for describing how to transmit a packet

SYNOPSIS

       #include <sys/neti.h>

INTERFACE LEVEL

       Solaris DDI specific (Solaris DDI).

DESCRIPTION

       The net_inject_t data structure passes information in to net_inject about how to transmit a packet. Transmit includes sending the packet up
       into the system as well as out of it.

STRUCTURE MEMBERS

	  mblk_t		  *ni_packet;	/* start of the packet */
	   struct sockaddr_storage ni_addr;	 /* address of next hop */
	   phy_if_t		   ni_physical;  /* network interface to use */

       ni_packet      Pointer to the first the mblk_t data structure that makes up this packet.

       ni_addr	      This field is only required to be initialized if NI_DIRECT_OUT is being used to transmit the  packet.  The  sockaddr_storage
		      field  must  be  set  to indicate whether the destination address contained in the structure is IPv4 (cast ni_addr to struct
		      sockaddr_in) or IPv6 (cast ni_addr to struct sockaddr_in6).

       ni_physical    The physical interface where the packet will be injected.

ATTRIBUTES

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Committed 		   |
       +-----------------------------+-----------------------------+

SEE ALSO

       net_inject(9F), netinfo(9F), attributes(5)

SunOS 5.11							    1 May 2008							  net_inject_t(9S)