From: Reuben Martin <reuben.m@gmail.com>
To: netfilter@vger.kernel.org
Subject: Re: NAT with forwarding to multiple destinations
Date: Thu, 16 Dec 2010 23:47:13 -0600 [thread overview]
Message-ID: <201012162347.13856.reuben.m@gmail.com> (raw)
I appoligize that this reply will probably not thread correctly, I just joined this list because I'm also looking for something like this. So I'm just pasting this from the web archive...
On Friday 2010-12-03 15:28:52, Jan Engelhardt wrote:
>On Thursday 2010-12-02 16:17, Alberto Quattrini Li wrote:
>
>>> The multiplexing you want is probably best done with a program that does
>>> just that - think of sprucing up rinetd.
>>
>>As far as I know, all of the programs like that are programs that run
>>as a process in the middle, so it introduces an overhead (because they
>>are in userspace and have to receive the packet and then process it
>>and finally forward it), whereas if it was processed by netfilter it
>>would be quicker and more efficient (actually some testing and
>>comparisons should be done, but in principle it ought to be so).
>>
>>However it seems that there doesn't exist any solution in netfilter.
>>Can you give me a reference (e.g. documentation and guides) to patch
>>netfilter with such functionality?
I'm looking for something like this as well. Specifically I need to be able to create a rule that will take packets sent to a given specified address & port and forward them to either an ip range or and ipset. An ipset is preferred because that way the destinations can be dynamically changed. I've tried several reflectors/forwarders and they generally suck. Futhermore none of them are dynamic (that I have found at least) And of course this limiting something like this to datagram packets would probably be a smart precaution.
Has anybody come up with something for this? I'm nowhere near competent enough to tackle something like this on my own. I'm a lousy hack. Basically my need for this is to be able to send a live rtp video stream to a dynamically changing group of unicast destinations. But changing destinations means stopping and restarting the stream. Doing this outside the streaming app gets around this. Multicasting is of course a great solution, but I have to hook into other peoples networks where I have no control over rules and layout, and there is rarely multicast support. And even where there is multicast support, I sometimes have to send through VPNs or subnet gateways where the multicast wouldn't reach anyway.
>
>You could write your own extension, based upon xt_TEE.
next reply other threads:[~2010-12-17 5:47 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-17 5:47 Reuben Martin [this message]
-- strict thread matches above, loose matches on Subject: below --
2010-12-02 12:38 NAT with forwarding to multiple destinations Alberto Quattrini Li
[not found] ` <4CF79516.9000003@coochey.net>
2010-12-02 12:49 ` Alberto Quattrini Li
2010-12-02 13:33 ` Jan Engelhardt
2010-12-02 15:17 ` Alberto Quattrini Li
2010-12-03 14:28 ` Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201012162347.13856.reuben.m@gmail.com \
--to=reuben.m@gmail.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.