Hi,
I want to do (stateful) source port translation (restriction actually)
on my outgoing packets, but no source address translation. And I want to
do it for IPv6.
So if there is a TCP packet like this:
SRC ADDR: 2001:db8::10
DST ADDR: 2001:c0de:
SRC PORT: 53523
DST PORT: 80
I want to translate it so that the source port falls into a specific
port range, say [1024:2047]:
SRC ADDR: 2001:db8::10
DST ADDR: 2001:c0de:
SRC PORT: 1500
DST PORT: 80
If the source port is already in the requested port range, no
translation is needed (but the state has to be kept anyway).
Is this possible to do with netfilter? If not, does anybody know for any
other (simple) way to do it?
Thanks,
Nejc
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
