Communication Redirect (Revised)

Communication Redirect (Revised)

[Sapient2003]

OpenBSD uses the packet filter pf to redirect communications to a 
program. Is ther anything like this for Linux? I tried IPTABLES for this 
task, like so: iptables -t filter -A INPUT -p udp -s 0/0 -d 66.47.159.11 
--destination-port 53 -j REDIRECT dns ... As it turns out, REDIRECT 
isn't for forwarding packets to another program...

Re: Communication Redirect (Revised)

[Cedric Blancher]

Le mer 30/04/2003 à 22:50, Sapient2003 a écrit :
> OpenBSD uses the packet filter pf to redirect communications to a 
> program. Is ther anything like this for Linux? I tried IPTABLES for this 
> task, like so: iptables -t filter -A INPUT -p udp -s 0/0 -d 66.47.159.11 
> --destination-port 53 -j REDIRECT dns ... As it turns out, REDIRECT 
> isn't for forwarding packets to another program...

Netfilter has no such feature. What you can do is have your program
listen to a local port and then redirect traffic to this local UDP port
53. If you have a DNS server listening on this port, you're done.

This is a basic stup for transparent proxying.

-- 
Cédric Blancher  <blancher@cartel-securite.fr>
IT systems and networks security - Cartel Sécurité
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE