Hi, I am running DD WRT and trying to use iptables to change the destination port based on a port range used by the source connection. I am not very well versed with this tool, but have had success doing similar things, but not using a port range and over TCP. I am using two rules, after scourging the internet for help. The answer I found says that I can do DNAT in the PREROUTING, but I have to have an SNAT rule in the POSTROUTING back to the source IP. Here are my two rules: iptables -t nat -A PREROUTING -p udp --dport 45000:65000 -j DNAT --to-destination 192.168.1.131:5000 iptables -t nat -A POSTROUTING -p udp -d 192.168.1.131 --dport 45000:65000 -j SNAT --to-source 192.168.1.122 I don't think the second one makes sense, because I believe I would need to specify the exact destination port (original source port), which I do not have because it is a rule based off a range. In Wireshark, I see no change: 142243 1078.651017 192.168.1.122 192.168.1.131 UDP 144 9296 → 55900 Len=102 I hopes this makes sense. Basically, I would like to change the destination port going from A to B, where the originating packet will be on a port range and UDP. Is this possible between two local machines behind the same router? Thanks! -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
