On Thu, Jul 17, 2003 at 10:14:43AM +0800, Stephen Bylo wrote:
> If I want *existing* UDP connections to be diverted, I
> need to change both the NAT table *and* the connection
> tracking table, is this right? Can somebody tell me if
> this can be done with iptables? Do I have to hack the
> code? I may do so if need be. Is there another NAT
> solution out there that can do what I need?
> Is using a NAT to divert existing UDP streams
> technically possible?

I think one way of doing this is to reduce the conntrack timeout for UDP
to almost nihil so that you see the effect of adding 2 to the nat
immediately. But in that case UDP returns would not benefit from the
implicit conntrack structure and you need to allow the return traffic
explicitly.

Ramin

>
> Thanx for your help.
> Steve
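
The trade-off described in the reply above, as an added example that is not part of the original message and is not netfilter code: a toy Python model in which the NAT rule is consulted only when no live conntrack entry exists for a flow. The class, function names, addresses, packet interval and timeouts are all constructed for illustration.

```python
# Toy model of NAT + connection tracking for UDP (constructed; not netfilter code).
# All addresses are constructed sample values.

class ToyNat:
    def __init__(self, udp_timeout):
        self.udp_timeout = udp_timeout  # seconds an idle UDP entry stays alive
        self.dnat_target = None         # current NAT rule: where new flows are diverted
        self.conntrack = {}             # (src, dst) -> [translated_dst, expiry_time]

    def set_dnat(self, target):
        """Change the NAT rule. Existing conntrack entries are not touched."""
        self.dnat_target = target

    def _live(self, now, key):
        entry = self.conntrack.get(key)
        return entry if entry and entry[1] > now else None

    def forward(self, now, src, dst):
        """Return the destination a packet from src to dst is sent to at time now."""
        entry = self._live(now, (src, dst))
        if entry:
            # Known flow: reuse the stored mapping and refresh the timer.
            entry[1] = now + self.udp_timeout
            return entry[0]
        # No live entry: the packet is treated as new and the NAT rule is consulted.
        target = self.dnat_target or dst
        self.conntrack[(src, dst)] = [target, now + self.udp_timeout]
        return target

    def reply_is_tracked(self, now, src, dst):
        """True if a reply arriving at time now still matches a live entry."""
        return self._live(now, (src, dst)) is not None


def run_stream(udp_timeout, change_at=5, packets=10, interval=1.0):
    """Send one packet per interval; switch the NAT rule before packet change_at."""
    nat = ToyNat(udp_timeout)
    nat.set_dnat("10.0.0.1:5000")
    seen = []
    for i in range(packets):
        if i == change_at:
            nat.set_dnat("10.0.0.2:5000")
        seen.append(nat.forward(i * interval, "192.0.2.7:4000", "198.51.100.1:5000"))
    return seen


if __name__ == "__main__":
    print("timeout 30s :", run_stream(30))
    print("timeout 0.5s:", run_stream(0.5))
```

With the long timeout the running stream keeps refreshing its entry and never picks up the new rule; with the short timeout it does, but a reply arriving after the entry has expired no longer matches anything and has to be permitted by an explicit rule.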