Hi List, I am wondering if there is any way to route directed broadcast packets through a linux box using iptables. So far I have tried (through a friends suggestion) to mark the packet in the mangle table of the PREROUTING chain, change the packet to be a packet that will route and then change it back to a broadcast on the OUTPUT chain. i.e. Broadcasting to 10.200.172.255 Packets are coming in to eth0 (10.14.172.250/24) Packets need to go out eth1 (10.200.172.250/24) Have tried iptables -t mangle -A PREROUTING -i eth0 -d 10.200.172.255 -j MARK --set-mark 0x10 iptables -t nat -A PREROUTING -i eth0 -d 10.200.172.255 -j DNAT --to-dest 10.200.172.254 iptables -v -t nat -A OUTPUT -d 10.200.172.254 --match mark --mark 0x10 -j DNAT --to-dest 10.200.172.255 But the problem I find is that whilst matching in the mangle table Chain PREROUTING (policy ACCEPT 246K packets, 35M bytes) pkts bytes target prot opt in out source destination 79687 19M MARK all -- eth0 * 0.0.0.0/0 10.200.172.255 MARK set 0x10 The packets don't make it to the nat table Chain PREROUTING (policy ACCEPT 9014 packets, 567K bytes) pkts bytes target prot opt in out source destination 0 0 DNAT all -- eth0 * 0.0.0.0/0 10.200.172.255 to:10.200.172.254 Why are the packets not making to the nat PREROUTING chain? Is there a better way of doing this? Thanks in advance, Matt. Apologies if this email arrived twice, but I received an email saying my first post failed because my source email address was not from a subscribed member (rectified).
