From mboxrd@z Thu Jan 1 00:00:00 1970 From: Andy Furniss Date: Sun, 11 Dec 2005 21:21:45 +0000 Subject: Re: [LARTC] UDP multicast stream and NAT Message-Id: <439C9869.2070409@dsl.pipex.com> List-Id: References: <20051207221003.32802.qmail@web60924.mail.yahoo.com> In-Reply-To: <20051207221003.32802.qmail@web60924.mail.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit To: lartc@vger.kernel.org Gabriel wrote: > Hi, my ISP is streaming some local concert using UDP > multicasting. I followed the instructions on the site which > described how to set VLC in order to view the stream, but > it didn't work. I am behind a Linux router/firewall doing > NAT. Using google, I quickly found out that the > netfilter/conntrack code doesn't support NATing multicast > traffic. I thought about bridging the internet facing > interface (eth0) and (one of) the internal interfaces (the > one my computer is plugged into). This way I could set my > IP to be public and no routing/NAT would be done on the > Linux box. The only problem is that the box has 2 more NICs > in it and there are other people connected to those NICs > that need to use that connection (hence need to be NATed). > > Then I tried thinking about a DMZ-like solution where my > box would be in the DMZ, but I can't see that working > either because I only have one public IP assigned. > > Can anyone think of any other way for me to be able to view > the stream? > > Thanks. > I also don't think the bridging will work. AIUI stateless NAT using ip doesn't work with 2.6 kernels so thinking about iptables only. Maybe you could get something working with the raw table, you can bypass conntrack with that but then I am not sure if you could dnat it ... There is another iptables target ROUTE maybe you could use that. If the LAN PC is running Linux then you could setup a vlan/tunnel/something and ROUTE it down there. I would also ask this on the netfilter users list. Andy. _______________________________________________ LARTC mailing list LARTC@mailman.ds9a.nl http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc