Hello.

I'm trying to find out whether I can do (or why not) a connectionless port forwarding. Google didn't help me, and now I'm using a std port forwarding using nat tables, but a smaller solution is better IMHO.

I admin a "high" traffic web site. Lately there has been a huge increase in web-spam/blog-spam traffic, which I would like to avoid. I want to direct traffic from a blacklist to another port, so that a simple http server will advise the user (and offer a graphical challenge) to unblock. Practically, I want to mangle the port of blacklist-originated packets from 80 to 81, and the opposite for outgoing traffic. Port 81 will be firewalled from outside, so I think there cannot be a problem with connection identification / collision.

Would it be possible? Would it be lighter than the std nat solution (and connection tracking)? Is there already some netfilter module? (Or should I implement one myself?)

ciao
cate

PS: please CC: me. It is easier to reply.
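
One way to express the rewrite described in the message above, as an added nftables example that is not part of the original post. The table, chain and set names and the blacklist addresses (documentation ranges) are constructed; ports 80 and 81 are the ones from the message.

```nft
# Added example: stateless port rewrite for blacklisted sources.
# Names and addresses are hypothetical; load with "nft -f <file>".
table ip stateless_redirect {
    set blacklist {
        type ipv4_addr
        flags interval
        elements = { 192.0.2.0/24, 198.51.100.17 }
    }

    chain pre {
        # Priority -300 (raw) runs before connection tracking.
        type filter hook prerouting priority -300; policy accept;

        # Port 81 must not be reachable directly from outside. Dropping it
        # here, before the rewrite, means only rewritten packets reach it.
        iifname != "lo" tcp dport 81 drop

        # Blacklisted client to port 80: rewrite the destination port to 81
        # and exempt the packet from connection tracking.
        ip saddr @blacklist tcp dport 80 tcp dport set 81 notrack
    }

    chain out {
        type filter hook output priority -300; policy accept;

        # Reply from the challenge server (port 81) to a blacklisted client:
        # restore source port 80 so it matches the flow the client opened.
        ip daddr @blacklist tcp sport 81 tcp sport set 80 notrack
    }
}
```

Packets exempted with `notrack` appear as `ct state untracked`, so a stateful filter on the same host has to accept that state for them. Because the decision is made per packet, changing a client's blacklist membership while it has an open connection breaks that connection.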