RE : Apply rules to 1 UDP port but port used as a socket: possible?


 



My "monitor" is trying to do this (receiving on the socket and then trying to apply rules...)

But rules are not applied and packets are all received by the socket.

How can I force the rules to be applied for the special source address?

Thanks. 

-----Original Message-----
From: Alex Satrapa [mailto:alex@xxxxxxxxxxxxxxxx]
Sent: Wednesday, 11 February 2004 04:00
To: zze-Proxy GRALL O ext FTRD/SVA/LAN
Cc: netfilter@xxxxxxxxxxxxxxxxxxx
Subject: Re: Apply rules to 1 UDP port but port used as a socket: possible?


zze-Proxy GRALL O ext FTRD/SVA/LAN wrote:
> I'm trying to use a socket (on port 1727) to decode some proprietary
> UDP packets. When I've decoded them I want to apply a DNAT rule (and
> then a SNAT too) to this port using a filter on @IP:port source for
> all following packets...

So do you have Machine F which is the firewall, and machines A, B and C which are the ultimate destinations, and you want to have UDP packets from machine X (elsewhere) being sent to A, B or C by F based on some information in the first packet F receives from a new host X? You could write your "monitor" to set up new rules based on the first packets that arrive, with the remainder being "deflected" by the firewall rules.




