* recent match and DNAT.
@ 2006-10-19 2:11 Wakko Warner
2006-10-19 2:51 ` Robby Workman
0 siblings, 1 reply; 3+ messages in thread
From: Wakko Warner @ 2006-10-19 2:11 UTC (permalink / raw)
To: netfilter
Is it possible to use the recent match and dnat to dynamically forward
incoming packets destined for a specific port (ident in this case) to the
machine that initiated the connection? Or is anything like this possible at
all?
--
Lab tests show that use of micro$oft causes cancer in lab animals
Got Gas???
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: recent match and DNAT.
2006-10-19 2:11 recent match and DNAT Wakko Warner
@ 2006-10-19 2:51 ` Robby Workman
2006-10-19 10:48 ` Wakko Warner
0 siblings, 1 reply; 3+ messages in thread
From: Robby Workman @ 2006-10-19 2:51 UTC (permalink / raw)
To: netfilter
Wakko Warner wrote:
> Is it possible to use the recent match and dnat to dynamically forward
> incoming packets destined for a specific port (ident in this case) to the
> machine that initiated the connection? Or is anything like this possible at
> all?
There may very well be a way to do it, but if there is, I can't
seem to find it, and I know of at least one other person who's
messed with it. Best I can tell, midentd on the gateway is going
to be your best option.
You might find this useful as well - I wrote it up quite some
time ago, but coupled with midentd, I think you'll have a
workable solution.
http://howtos.rlworkman.net/irc-identd
RW
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: recent match and DNAT.
2006-10-19 2:51 ` Robby Workman
@ 2006-10-19 10:48 ` Wakko Warner
0 siblings, 0 replies; 3+ messages in thread
From: Wakko Warner @ 2006-10-19 10:48 UTC (permalink / raw)
To: Robby Workman; +Cc: netfilter
Robby Workman wrote:
> Wakko Warner wrote:
> >Is it possible to use the recent match and dnat to dynamically forward
> >incoming packets destined for a specific port (ident in this case) to the
> >machine that initiated the connection? Or is anything like this possible
> >at
> >all?
>
> There may very well be a way to do it, but if there is, I can't
> seem to find it, and I know of at least one other person who's
> messed with it. Best I can tell, midentd on the gateway is going
> to be your best option.
> You might find this useful as well - I wrote it up quite some
> time ago, but coupled with midentd, I think you'll have a
> workable solution.
> http://howtos.rlworkman.net/irc-identd
I was looking for a pure netfilter way of doing it. But it's no big deal
really, I have ident forwarded to one machine which is most likely to be the
source of the outgoing packets anyway.
--
Lab tests show that use of micro$oft causes cancer in lab animals
Got Gas???
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2006-10-19 10:48 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2006-10-19 2:11 recent match and DNAT Wakko Warner
2006-10-19 2:51 ` Robby Workman
2006-10-19 10:48 ` Wakko Warner
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.