[LARTC] Re: Troubles DNATing UDP

To:	casper@meteor.dp.ua
Subject:	[LARTC] Re: Troubles DNATing UDP
From:	dAm2K <dam2000@gmail.com>
Date:	Fri, 10 Nov 2006 16:39:42 +0100
Cc:	lartc@mailman.ds9a.nl
Delivered-to:	sp-com-lists@consult.net
Delivered-to:	lartc-list@securepoint.com
Delivered-to:	lartc@outpost.ds9a.nl
Domainkey-signature:	a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references; b=grUf62RXAdF9AFEA7Mb0Ni9wm+6t7dj51TC+cbWa0alldXo48cy7kWmp7HMu93U+ZJluAqMwUWGIiNa0/LGPx//njsNW67QiewoUiR5g6BCip81ElGZE6ln1mrmN+ToC4yQ+uMRxd9NeRXemOnMdvMQiO6jXXdN9+yGQ5cYHmEY=
In-reply-to:	<1163158657.4061.3.camel@localhost.localdomain>
List-archive:	<http://mailman.ds9a.nl/pipermail/lartc>
List-help:	<mailto:lartc-request@mailman.ds9a.nl?subject=help>
List-id:	"Mailinglist of the Linux Advanced Routing & Traffic Control project" <lartc.mailman.ds9a.nl>
List-post:	<mailto:lartc@mailman.ds9a.nl>
List-subscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=subscribe>
List-unsubscribe:	<http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc>, <mailto:lartc-request@mailman.ds9a.nl?subject=unsubscribe>
References:	<1162910458.32208.44.camel@localhost.localdomain> <1163158657.4061.3.camel@localhost.localdomain>
Sender:	lartc-bounces@mailman.ds9a.nl

> Once again, all those packets reach INPUT chain, rules in -t nat -I
> PREROUTING not working.
>
> So here is the question: Does the UDP is being DNAT'ed differently
> comparing with TCP? What is the difference? How can I DNAT them?


If your HW UDP pinger's default gateway is your natting firewall, try
to ping directly the 192.168.1.2 web server. If default gateway is
another router, try adding the route 192.168.1.0/25 to you HW pingers
and ping directly 192.168.1.2.
If this is not possible (and you are UDP pinging you firewall) open
dport 4000 udp in INPUT chain on your firewall and do natting:

iptables -t filter -A INPUT -p udp -m udp -s 10.10.0.0/16 -d
10.10.100.1 --dport 4000 -j ACCEPT
iptables -t nat -A PREROUTING -p udp -m udp -s 10.10.0.0/16 -d
10.10.100.1 --dport 4000 -j DNAT --to-destination 192.168.1.2

This way 192.168.1.2 host should receive udp packets coming from the firewall.

My setup is running smoothly with UDP and NAT, I'm using with
playstation online games...

Hope this help. Bye, Dino.

--
dAm2K, you know I'm there!
_______________________________________________
LARTC mailing list
LARTC@mailman.ds9a.nl
http://mailman.ds9a.nl/cgi-bin/mailman/listinfo/lartc

<Prev in Thread]	Current Thread	[Next in Thread>
[LARTC] Troubles DNATing UDP, Покотиленко Костик Re: [LARTC] Troubles DNATing UDP, Покотиленко Костик [LARTC] Re: Troubles DNATing UDP, dAm2K <= [LARTC] Re: Troubles DNATing UDP, Покотиленко Костик Re: [LARTC] Troubles DNATing UDP, Покотиленко Костик Re: [LARTC] Troubles DNATing UDP, Taylor, Grant Re: [LARTC] Troubles DNATing UDP, Покотиленко Костик

Previous by Date:	Re: [LARTC] Troubles DNATing UDP, Покотиленко Костик
Next by Date:	Re: [LARTC] Troubles DNATing UDP, Taylor, Grant
Previous by Thread:	Re: [LARTC] Troubles DNATing UDP, Покотиленко Костик
Next by Thread:	[LARTC] Re: Troubles DNATing UDP, Покотиленко Костик
Indexes:	[Date] [Thread] [Top] [All Lists]