All of lore.kernel.org
 help / color / mirror / Atom feed
From: "Ranjeet Shetye" <ranjeet.shetye@zultys.com>
To: netfilter@lists.netfilter.org
Subject: RE: Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ?
Date: Fri, 13 Dec 2002 09:45:58 -0800	[thread overview]
Message-ID: <000901c2a2cf$7f2730c0$0100a8c0@zultys.com> (raw)
In-Reply-To: <3DF9CC70.3080603@istitutocolli.org>


Hi Andrea,

I was hoping that the answer would be "Yes, IPTables can do it", but I
think you are right. As a matter of fact, I have been looking into the
NetFilter code for the last couple of days and I was hoping that I
didn't need to hack the kernel code (cos its not documented). But it
looks like I will have to.

Anyways, I will take my query to the developer-mailing list and post a
reply here once everything is sorted out. In the meantime if anyone has
an architectural overview of Netfilter, one that maps out the
interactions between the various components and layers, I'd really
really like to get my hands on it!

Thanks for your help, Andrea.

Ranjeet Shetye
Senior Software Engineer
Zultys Technologies
771 Vaqueros Avenue
Sunnyvale  CA  94085
USA
Ranjeet.Shetye@Zultys.com
http://www.zultys.com/

 


> -----Original Message-----
> From: netfilter-admin@lists.netfilter.org 
> [mailto:netfilter-admin@lists.netfilter.org] On Behalf Of 
> Andrea Rossato
> Sent: Friday, December 13, 2002 4:03 AM
> To: netfilter@lists.netfilter.org
> Subject: Re: Does IPTables have a 1:1 port-forwarding 
> capability for a DNAT port-range ?
> 
> 
> Ranjeet Shetye wrote:
> > The reason for wanting a 1:1 rule is for X windows and 
> other fat port 
> > ranges. Dont want hundreds of rules in there if one can do the job. 
> > Can IPTables do it ? If so how ? If not, I guess I'll have 
> to get in 
> > touch with the developers for tips on a good starting point.
> 
> I believe that the only way is to hack nat code.
> I will start looking in
> net/ipv4/netfilter/ip_nat_core.c
> and the function manip_pkt that, as far as I understand, is 
> actually writing the NATed packet andrea
> 
> 




  reply	other threads:[~2002-12-13 17:45 UTC|newest]

Thread overview: 7+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2002-12-13  0:34 Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ? Ranjeet Shetye
2002-12-13  9:02 ` Query.... redirecting traffic Paul Gibson
2002-12-13  9:47   ` Sander Sneekes
2002-12-13  9:57     ` Paul Gibson
2002-12-13 12:02 ` Does IPTables have a 1:1 port-forwarding capability for a DNAT port-range ? Andrea Rossato
2002-12-13 17:45   ` Ranjeet Shetye [this message]
  -- strict thread matches above, loose matches on Subject: below --
2002-12-13  0:24 Ranjeet Shetye

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='000901c2a2cf$7f2730c0$0100a8c0@zultys.com' \
    --to=ranjeet.shetye@zultys.com \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.