Re: Dynamically changing destination ip address using iptables - IMP

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This can be achievded by doing dynamic updation of
rule. When-ever any change in your desination address
then change the rule with new value without staring or
stoping iptable service command.


--- kavitha <fd99127@xxxxxxxxx> wrote:

> Hi,
>  
> We are trying to modify the TCP protocol a little
> but so that when a packet arrives at a router, it
> would be possible to read a particular field (lets
> say options or the reserved field) of the
> packet(that would give the actual path that the
> packet needs to take) and populate the destination
> ip address of that packet with the new ipadress read
> from this reserved field. I know that using dnat you
> can change the destination ipaddress of the packet
> but in my problem, I would not knwo the destination
> ipaddress prior (it would be dynamic) and it would
> change with every packet - so I would not be able to
> use a static ip address in the iptables rule. So I
> wanted to know if there is anyt way to get around
> this , or if iptables would not provide a solution
> to thsi problem at all . I knwo this can be done
> using raw sockets but adding a single line (as in
> iptables) seems to be a better proposition than
> writing pages of code. Basically, I want to know if
> there is a way to dynamically configure
>  the destination ipaddress that a packet is being
> routed to by mapping certain other bits of the same
> packet coming in. 
>  
> It would really help if someoen can provide some
> information in this regard. Any pointers too would
> really be useful.I looked at the man pages and
> searched the internet but was not able to come
> across any rela examples where such a thing may have
> been used.
>  
> Thanks for your time! Please let me know if you need
> more clarifications!
> Kavitha
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam
> protection around 
> http://mail.yahoo.com 
> 



		
____________________________________________________
Start your day with Yahoo! - make it your home page 
http://www.yahoo.com/r/hs
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux