* Matching UDP broadcasts using RELATED
@ 2004-01-04 2:14 yu5p97f02-O/bDAPVd7B0N+BqQ9rBEUg
2004-01-05 16:13 ` Loïc Minier
2004-01-05 16:16 ` Antony Stone
0 siblings, 2 replies; 3+ messages in thread
From: yu5p97f02-O/bDAPVd7B0N+BqQ9rBEUg @ 2004-01-04 2:14 UTC (permalink / raw)
To: netfilter-wool9L35kiczKOhml7GhPkB+6BGkLq7r
For protocols which work by initiating a request using a UDP broadcast and
expecting a reply for a specific host, is there any way to match the reply
back to the original broadcast?

An example of something that does this is smbmount: a request is broadcast to
the localnet with a port set to the netbios-ns port, and then smbmount expects
a reply from a particular host to the initiating port.
* Re: Matching UDP broadcasts using RELATED
From: Loïc Minier @ 2004-01-05 16:13 UTC (permalink / raw)
To: netfilter
yu5p97f02@sneakemail.com - Sun, Jan 04, 2004:
> For protocols which work by initiating a request using a UDP broadcast and
> expecting a reply for a specific host, is there any way to match the reply
> back to the original broadcast.
>
> An example of something that does this is smbmount, a request is broadcast to
> the localnet with a port set to the netbios-ns port, and then smbmount expects
> a reply from a particular host to the initiating port.
I think this should go in a conntrack module, but there's always the
possibility for you to write such rules manually with the "recent"
module. See ``iptables -m recent --help''.
Regards,
--
Loïc Minier <lool@dooz.org>
* Re: Matching UDP broadcasts using RELATED
From: Antony Stone @ 2004-01-05 16:16 UTC (permalink / raw)
To: netfilter
On Sunday 04 January 2004 2:14 am, yu5p97f02@sneakemail.com wrote:
> For protocols which work by initiating a request using a UDP broadcast and
> expecting a reply for a specific host, is there any way to match the reply
> back to the original broadcast.
>
> An example of something that does this is smbmount, a request is broadcast
> to the localnet with a port set to the netbios-ns port, and then smbmount
> expects a reply from a particular host to the initiating port.
Not with the existing connection tracking code, no.

It shouldn't be too hard to write a conntrack helper for such a protocol which
enables reply packets to be recognised as Related, however - all it would
need to do is match:

  destination IP = original source IP
  destination port = original source port
  source IP is within network range of original broadcast destination IP
  source port = original destination port

If you wanted to do a 'quick and dirty' version then you could even not bother
about the source IP, and match packets where just the other three were
correct - this would then be an almost trivial hack of the current conntrack
code, I expect.
Regards,
Antony.
--
Ramdisk is not an installation procedure.
Please reply to the list;
please don't CC me.
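
Added example, not part of the original thread and not netfilter code: a userspace C model of the four-field match described in the message above, next to the 'quick and dirty' variant that skips the source-IP check, to show what the looser match additionally lets through. The struct and function names, the addresses and the /24 netmask are constructed for illustration.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical model types; addresses are in host byte order. */
struct udp_tuple { uint32_t src_ip, dst_ip; uint16_t src_port, dst_port; };
struct bcast_expect {
    struct udp_tuple orig; /* the outgoing broadcast request */
    uint32_t netmask;      /* mask of the network that was broadcast to */
};

#define IP(a, b, c, d) (((uint32_t)(a) << 24) | ((b) << 16) | ((c) << 8) | (d))

/* The three checks shared by both variants (ports and destination IP). */
bool reply_is_related_loose(const struct bcast_expect *e, const struct udp_tuple *r)
{
    return r->dst_ip == e->orig.src_ip &&
           r->dst_port == e->orig.src_port &&
           r->src_port == e->orig.dst_port;
}

/* Strict variant: the replying host must also sit inside the network the
 * broadcast went to. A limited broadcast (255.255.255.255) would need the
 * outgoing interface's network here instead of orig.dst_ip. */
bool reply_is_related(const struct bcast_expect *e, const struct udp_tuple *r)
{
    return reply_is_related_loose(e, r) &&
           (r->src_ip & e->netmask) == (e->orig.dst_ip & e->netmask);
}

/* Constructed sample: 192.168.1.10:32768 -> 192.168.1.255:137 (netbios-ns). */
struct bcast_expect sample_expect(void)
{
    struct bcast_expect e = { { IP(192,168,1,10), IP(192,168,1,255), 32768, 137 },
                              IP(255,255,255,0) };
    return e;
}

/* Constructed reply addressed to the sample requester, 192.168.1.10. */
struct udp_tuple reply_to_sample(uint32_t src_ip, uint16_t sport, uint16_t dport)
{
    struct udp_tuple r = { src_ip, IP(192,168,1,10), sport, dport };
    return r;
}

int main(void)
{
    struct bcast_expect e = sample_expect();
    struct udp_tuple off_net = reply_to_sample(IP(203,0,113,5), 137, 32768);
    printf("off-net reply: strict=%d loose=%d\n",
           reply_is_related(&e, &off_net), reply_is_related_loose(&e, &off_net));
    return 0;
}
```

With the source-IP check dropped, any host that can reach the requester from source port 137 while the expectation is live is treated as Related, so the strict form is the one to prefer on an interface facing untrusted networks.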