Probably the wrong list... but here goes. We have some linux PC's acting as routers. We have some dumber terminals which do not support multicast, but for our application we need to support multicast (groan). Anyway, using iptables on the routers I can easily convert traffic from the terminals to multicast: iptables -t nat -A PREROUTING -i eth0 -d 172.168.0.0/24 -j DNAT --to-destination 224.0.1.1 (So any traffic to our backbone network from one of the terminals will get NAT'd to the mcast address). All the various routers are members of the multicast group and happily receive the multicast traffic (using iptables logging I can see the traffic in the various parts of netfilter). The problem that we're facing is converting the Multicast address back to a unicast address - iptables -t nat -A PREROUTING -d 224.0.1.1 -j DNAT --to-destination 192.168.0.2 doesn't work (192.168.0.2 is a terminal address, so on each router this would be different). Using various log directives as soon as the traffic hits the DNAT rule above it drops out of sight... I've got log directives in the raw, 'normal' and nat tables - only the ones before it hits the dnat rule are tripped, the rest aren't (and there is no filtering on the logs - just the log prefix so I know where in the chains it came from). Any ideas? -- Richard Horton Users are like a virus: Each causing a thousand tiny crises until the host finally dies. http://www.solstans.co.uk - Solstans Japanese Bobtails and Norwegian Forest Cats http://www.pbase.com/arimus - My online photogallery -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
