netfilter: Redirecting incoming udp packets to other port

netfilter: Redirecting incoming udp packets to other port

Post by murug » Tue, 12 Dec 2006 14:56:49



Hi,
    I want to redirect incoming udp packets comming to router to only
go out from a praticular port. will it be possible by using iptables
command. will the command change skbuff contents and tuple. Do reply
packets  will be the routed properly.

scenario

client ------------> router -------------------->server
         <-----------           <--------------------

if receive a orignal udp packet from client from client port x to
router port y, can i use the same port y to forward to server (y acting
as source port) and then receive the reply packet to  port y as
destination and successfully forward to client port x.

will the cmd like will work
iptables -A POSTROUTING -t nat -p udp --dport y --sport y -j MASQUERADE

can any one give idea

thanks in advance
murugan

 
 
 

1. pb setting up iptables for redirecting incoming UDP packets to LAN (voip)

Hi there,

I tried to set up a crude configuration of iptables to be able to use
a VoIP client (Ericsson phone doubler, pc2phone) on the windows 98 of
my LAN, using a linux redhat redhat 7.3 connected to internet (with a
fixed IP number) :

    LAN                                         Internet
_________________        ______________
|               |        | redhat 7.3 |
| machine win 98| __eth__| iptables   |__ppp0__

  IP: 10.0.0.3 >>         <<IP:10.0.0.1
                                fixed IP>>

To redirect the incoming UDP packets to the LAN, i consider using
iptables (after loading ip_tables, iptable_filter, ip_conntrack,
ip_conntrack_ftp modules) and flushing the tables, with the following
rules (from iptables-save) :

*nat
:PREROUTING ACCEPT [327:17663]
:POSTROUTING ACCEPT [157:8999]
:OUTPUT ACCEPT [15:971]

-A PREROUTING -i ppp0 -p udp -j DNAT --to-destination 10.0.0.3
-A PREROUTING  -i ppp0 -p tcp -j DNAT --to-destination 10.0.0.3
-A POSTROUTING -o ppp0 -j MASQUERADE
*filter
:INPUT ACCEPT [923:163570]
:FORWARD ACCEPT [8592:2056629]
:OUTPUT ACCEPT [406:57892]

the VoIP client got working but after a few second the windows 98
crashes.

Any idea ? Should i add some rules to test the packets ?

ps : I know, i know, but security questions are not the matter in here

2. Internet FastStart SCO Openserver 5.0.5

3. Ignore all incoming udp/ip and udp/ip on all ports, except open ports?

4. gcc/g++ missing <math.h> ?!

5. Transparent port reassigning of UDP on incoming/outgoing packets?

6. difference between two dates

7. Question: on iptables and opening a port for incoming tcp/udp packets

8. Solaris/x86 Installation Frustration

9. incoming udp packet from 0.0.0.0 ?

10. What are these UDP packets from port 3130 to port 7?

11. Using ipchains to redirect UDP packets?

12. Q: how can I redirect UDP packets?

13. ipchains/TCP/UDP, Why should I open UDP ports so that my TCP ports can work?