iptable forward packet


 
Old 02-15-2012

Hi,
I have a doubt which involves the following configuration.
comp1<--->main<--->comp2
Comp1 sends an ICMP packet to main. Main takes that packet and changes the destination address to comp2 and the source address to its own.
I can capture the packet sent from comp1 to main using netfilter. I can see the packet and its content. Then I modify the destination address, source address and IP checksum successfully. But when I release it back to the kernel, the packet never goes back to comp2. To release the packet I use nfq_set_verdict(....,NF_ACCEPT). If I capture the packet from the output chain of main when it is sending the ping reply back to comp1, my program modifies that packet and sends it to comp2, but if I capture the packet from the input chain of the filter table then it does not forward it to the modified address. I think this may be because once the packet is in the input chain of the filter table, modifying the destination address means nothing. Can someone assist me with how to forward a packet from comp1 to comp2 through main?
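
Added example, not part of the original post: the address rewrite and IP header checksum step the post describes, written so that it can be checked offline. In netfilter the routing decision is taken after PREROUTING and before INPUT, so a rewritten destination only affects forwarding when the packet is queued from PREROUTING (for example in the mangle table) and IP forwarding is enabled; the modified buffer and its length are then handed back with `nfq_set_verdict`. The function names and all addresses below are constructed for illustration.

```c
#include <stdint.h>
#include <string.h>

/* RFC 1071 checksum over the IPv4 header, read as big-endian 16-bit words. */
static uint16_t ipv4_header_checksum(const uint8_t *hdr, size_t hdr_len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < hdr_len; i += 2)
        sum += ((uint32_t)hdr[i] << 8) | hdr[i + 1];
    while (sum >> 16) sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Header length in bytes, or 0 if the buffer is not a plausible IPv4 header. */
static size_t ipv4_ihl(const uint8_t *pkt, size_t len)
{
    if (pkt == NULL || len < 20 || (pkt[0] >> 4) != 4) return 0;
    size_t ihl = (size_t)(pkt[0] & 0x0f) * 4;
    return (ihl >= 20 && ihl <= len) ? ihl : 0;
}

/* Rewrite src/dst in place (4 bytes each, NULL keeps it), fix checksum; 0 ok, -1 error. */
int rewrite_ipv4_addrs(uint8_t *pkt, size_t len,
                       const uint8_t *new_src, const uint8_t *new_dst)
{
    size_t ihl = ipv4_ihl(pkt, len);
    if (ihl == 0) return -1;
    if (new_src) memcpy(pkt + 12, new_src, 4);
    if (new_dst) memcpy(pkt + 16, new_dst, 4);
    pkt[10] = pkt[11] = 0;   /* checksum field must be zero while summing */
    uint16_t csum = ipv4_header_checksum(pkt, ihl);
    pkt[10] = (uint8_t)(csum >> 8); pkt[11] = (uint8_t)(csum & 0xff);
    return 0;
}

/* A header carrying a correct checksum sums to 0xffff, so the result is 0. */
int ipv4_header_valid(const uint8_t *pkt, size_t len)
{
    size_t ihl = ipv4_ihl(pkt, len);
    return ihl != 0 && ipv4_header_checksum(pkt, ihl) == 0;
}

int main(void)
{
    /* Constructed sample header and addresses (ICMP, 192.168.1.10 -> 192.168.1.1). */
    uint8_t pkt[20] = { 0x45,0,0,0x1c, 0,1,0,0, 0x40,1,0,0, 192,168,1,10, 192,168,1,1 };
    const uint8_t main_ip[4] = {192,168,2,1}, comp2_ip[4] = {192,168,2,20};
    return (rewrite_ipv4_addrs(pkt, sizeof pkt, main_ip, comp2_ip) == 0
            && ipv4_header_valid(pkt, sizeof pkt)) ? 0 : 1;
}
```

The ICMP checksum covers only the ICMP message, so changing the IP addresses requires recomputing the IP header checksum alone.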