On Tuesday 2008-03-25 17:11, Patrick McHardy wrote:
Ryan Kruse wrote:
We have a network management application that has an embedded TFTP and FTP
server. The application is written in Java and runs as an unprivileged
user so we can't bind to the well known ports. On linux we bind TFTP and
FTP to high ports (udp/11069 and tcp/11021). We then use iptables rules to
redirect the incoming low port (udp/69 and tcp/21) connections to the high
ports.
Now that our application supports IPv6 I need to do the same for that. I
know that ip6tables doesn't support NAT (and shouldn't), but I haven't
found a way to redirect a port. Any thoughts on how this can be done?
Routing by fwmark *might* work (add a new "local" table and a rule
pointing to it, mark packets appropriately, bind to ::0). If that
doesn't you'll most likely need a IPv6-capable TPROXY version.
But how does routing change the destination port? It does not...
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
