From: Reuben Martin <reuben.m@gmail.com>
To: netfilter@vger.kernel.org
Subject: Re: NAT with forwarding to multiple destinations
Date: Thu, 16 Dec 2010 23:47:13 -0600 [thread overview]
Message-ID: <201012162347.13856.reuben.m@gmail.com> (raw)
I appoligize that this reply will probably not thread correctly, I just joined this list because I'm also looking for something like this. So I'm just pasting this from the web archive...
On Friday 2010-12-03 15:28:52, Jan Engelhardt wrote:
>On Thursday 2010-12-02 16:17, Alberto Quattrini Li wrote:
>
>>> The multiplexing you want is probably best done with a program that does
>>> just that - think of sprucing up rinetd.
>>
>>As far as I know, all of the programs like that are programs that run
>>as a process in the middle, so it introduces an overhead (because they
>>are in userspace and have to receive the packet and then process it
>>and finally forward it), whereas if it was processed by netfilter it
>>would be quicker and more efficient (actually some testing and
>>comparisons should be done, but in principle it ought to be so).
>>
>>However it seems that there doesn't exist any solution in netfilter.
>>Can you give me a reference (e.g. documentation and guides) to patch
>>netfilter with such functionality?
I'm looking for something like this as well. Specifically I need to be able to create a rule that will take packets sent to a given specified address & port and forward them to either an ip range or and ipset. An ipset is preferred because that way the destinations can be dynamically changed. I've tried several reflectors/forwarders and they generally suck. Futhermore none of them are dynamic (that I have found at least) And of course this limiting something like this to datagram packets would probably be a smart precaution.
Has anybody come up with something for this? I'm nowhere near competent enough to tackle something like this on my own. I'm a lousy hack. Basically my need for this is to be able to send a live rtp video stream to a dynamically changing group of unicast destinations. But changing destinations means stopping and restarting the stream. Doing this outside the streaming app gets around this. Multicasting is of course a great solution, but I have to hook into other peoples networks where I have no control over rules and layout, and there is rarely multicast support. And even where there is multicast support, I sometimes have to send through VPNs or subnet gateways where the multicast wouldn't reach anyway.
>
>You could write your own extension, based upon xt_TEE.
next reply other threads:[~2010-12-17 5:47 UTC|newest]
Thread overview: 6+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-12-17 5:47 Reuben Martin [this message]
-- strict thread matches above, loose matches on Subject: below --
2010-12-02 12:38 NAT with forwarding to multiple destinations Alberto Quattrini Li
[not found] ` <4CF79516.9000003@coochey.net>
2010-12-02 12:49 ` Alberto Quattrini Li
2010-12-02 13:33 ` Jan Engelhardt
2010-12-02 15:17 ` Alberto Quattrini Li
2010-12-03 14:28 ` Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=201012162347.13856.reuben.m@gmail.com \
--to=reuben.m@gmail.com \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox