From: Ralf Spenneberg <lists@spenneberg.org>
To: SBlaze <dagent.geo@yahoo.com>
Cc: Netfilter <netfilter@lists.netfilter.org>
Subject: Re: Need help have some questions...
Date: 15 Aug 2003 12:02:46 +0200
Message-ID: <1060941756.1712.21.camel@kermit>
In-Reply-To: <20030815092958.19403.qmail@web40208.mail.yahoo.com>
Hi,
On Fri, 2003-08-15 at 11.29, SBlaze wrote:
> I've been toying around with the idea of redirecting unwanted traffic to the
> discard surface. I'm having trouble understanding some concepts though. Could
> anyone please explain this in more detail or perhaps suggest a way to
> accomplish this.
>
> On the filter tables using INPUT there is no way to change or alter the
> destination of packets and cause them to be sent to another port?
No. You cannot change the source or destination in the filter table. Use
the nat table for this. In the nat table you can change the source
(POSTROUTING) and the destination (PREROUTING, OUTPUT).
>
> Using the POSTROUTING chain in the nat table is impossible to effectively
> filter traffic via specific matches due to the fact that POSTROUTED packets are
> sort of "lumped together" for lack of a better way to explain it?
You want the PREROUTING chain since you want to redirect (change the
destination).
And yes, when using NAT you only see the first packet of each connection
in the nat table. All other packets are automatically natted
identically.
Cheers,
Ralf
--
Ralf Spenneberg
RHCE, RHCX
Book: Intrusion Detection für Linux Server http://www.spenneberg.com
IPsec-Howto http://www.ipsec-howto.org
Honeynet Project Mirror: http://honeynet.spenneberg.org
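
The point made in the reply above, that the nat table sees only the first packet of each connection and later packets are natted identically, shown as an added example that is not part of the original message. It is a simplified Python model, not netfilter code: the class and function names, the addresses and port 135 are constructed, and only the destination port is rewritten (a real REDIRECT also sets the destination address to the local machine).

```python
"""Toy model: nat PREROUTING rules are evaluated once per connection."""
from dataclasses import dataclass

DISCARD_PORT = 9  # discard service (RFC 863); redirect target assumed for this model

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int

class NatPrerouting:
    def __init__(self):
        self.rules = []       # (matched destination port, redirect port)
        self.conntrack = {}   # original flow tuple -> port chosen on first packet
        self.rule_hits = 0    # packets that actually traversed the nat rules

    def add_redirect(self, match_dport, to_port):
        self.rules.append((match_dport, to_port))

    def process(self, pkt):
        flow = (pkt.src, pkt.sport, pkt.dst, pkt.dport)
        if flow not in self.conntrack:
            # First packet of a connection: walk the rules and record the mapping.
            self.rule_hits += 1
            new_dport = pkt.dport
            for match_dport, to_port in self.rules:
                if pkt.dport == match_dport:
                    new_dport = to_port
                    break
            self.conntrack[flow] = new_dport
        # Every packet, first or later, is rewritten from the recorded mapping.
        return Packet(pkt.src, pkt.sport, pkt.dst, self.conntrack[flow])

def demo():
    nat = NatPrerouting()
    nat.add_redirect(135, DISCARD_PORT)          # constructed "unwanted" port
    pkt = Packet("192.0.2.10", 40000, "198.51.100.1", 135)
    ports = [nat.process(pkt).dport for _ in range(3)]
    nat.rules.clear()                            # rule removed mid-connection
    ports.append(nat.process(pkt).dport)         # tracked flow keeps its mapping
    fresh = Packet("192.0.2.10", 40001, "198.51.100.1", 135)
    ports.append(nat.process(fresh).dport)       # new connection: no rule, no redirect
    return ports, nat.rule_hits

if __name__ == "__main__":
    print(demo())
```

Because only two of the five packets reach the rule list, any per-packet filtering has to be done in the filter table rather than in nat.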