Rob Sterenborg wrote:
thanks a million Rob,
You're welcome..
I got it working at last using your instructions.
cheers
Does this mean that the ROUTE patch is actually working (I didn't get to
test that) and which kernel version did you use?
not exactly, it only meant all error messages was gone printed to the
tty when i run the iptables command. i'm now trying to create what i
originally set out to do. if you'r interested here's my scenario.
i have one machine with two interfaces eth0 192.168.51.151 and eth1
192.168.3.11. i have udp packets coming in on eth1 from 192.168.3.77
destined for 192.168.3.11:9090 . i want to duplicate these packets so
they go to their original destination but also go out on eth0 to
192.168.51.46:9090. that's in short what i'm trying. so i have the
following rules i'm trying now (hope this is not laughable as i'm a novice)
/usr/local/sbin/iptables -F INPUT
/usr/local/sbin/iptables -F OUTPUT
/usr/local/sbin/iptables -F FORWARD
/usr/local/sbin/iptables -t nat -F POSTROUTING
/usr/local/sbin/iptables -t nat -F PREROUTING
/usr/local/sbin/iptables -t mangle -F POSTROUTING
/usr/local/sbin/iptables -t mangle -F PREROUTING
/usr/local/sbin/iptables -t mangle -A PREROUTING -p udp --dport 9090 -j
ROUTE --tee
/usr/local/sbin/iptables -t nat -A PREROUTING -p udp --dport 9090 -j
DNAT --to-destination 192.168.51.46:9090
but alas once i run these commands the packets just disappear. it
doesn't reach either of the two destinations then. any comments ?
-
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
