Thanks,

1) What about non-connection-oriented?
2) Broadcast/multicast (UPnP searches that need to go one extra hop if DLNA is run on veth?)

Are there any special techniques/conventions that developers use?

Thx.

On Fri, Dec 19, 2014 at 1:25 PM, Pascal Hambourg <pascal@xxxxxxxxxxxxxxx> wrote:
> Hello,
>
> Vijay Viswanathan wrote:
>> With MASQUERADE & DNAT
>> I am able to run servers on veth and be able to access network.
> (...)
>> Lot of protocols go out on random ports and listen on the same source port.
>> How do I achieve network access for protocols that go out on random
>> ports and listen on random ports?
>
> If the protocol is connection-oriented, i.e. packets in opposite
> directions have swapped source/destination ports and addresses, then
> conntrack handles the flow as a connection, so all you need is
> MASQUERADE or SNAT.
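Added example, not part of the original thread: a toy Python model of the conntrack behaviour described in the quoted reply, showing that a reply with swapped addresses and ports is matched and de-NATed, while a packet that does not mirror the outbound tuple is not. The class and function names are hypothetical, the addresses are constructed documentation values, and port remapping and timeouts of real conntrack are left out.

```python
from typing import NamedTuple, Optional


class Flow(NamedTuple):
    proto: str
    src: str
    sport: int
    dst: str
    dport: int

    def inverted(self) -> "Flow":
        # Swap source and destination: the shape a reply packet must have.
        return Flow(self.proto, self.dst, self.dport, self.src, self.sport)


class ToyConntrack:
    """Simplified model of conntrack plus MASQUERADE (assumption: not kernel code)."""

    def __init__(self, public_ip: str):
        self.public_ip = public_ip
        self.expected_replies = {}  # expected reply tuple -> original tuple

    def outbound(self, pkt: Flow) -> Flow:
        # Rewrite the source to the host's address and remember the flow.
        natted = pkt._replace(src=self.public_ip)
        self.expected_replies[natted.inverted()] = pkt
        return natted

    def inbound(self, pkt: Flow) -> Optional[Flow]:
        # A packet is a reply only if it exactly mirrors a tracked flow.
        original = self.expected_replies.get(pkt)
        return original.inverted() if original else None


def demo():
    # Constructed sample: veth peer 10.0.0.2 behind host address 192.0.2.1.
    ct = ToyConntrack("192.0.2.1")
    sent = ct.outbound(Flow("udp", "10.0.0.2", 40000, "198.51.100.7", 5000))
    # Connection-oriented reply: tuple swapped, so it is translated back.
    mirrored = ct.inbound(sent.inverted())
    # Peer answers from another source port: no tracked flow matches.
    other_port = ct.inbound(Flow("udp", "198.51.100.7", 6000, "192.0.2.1", 40000))
    return sent, mirrored, other_port


if __name__ == "__main__":
    for result in demo():
        print(result)
```

A `None` result marks traffic that source NAT alone does not deliver to the veth side, which is the case the follow-up questions ask about.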