
Source port NAT

To: netfilter@lists.netfilter.org
Subject: Source port NAT
From: "Jean-Philippe Mignon" <jp.mignon@gmail.com>
Date: Tue, 20 Feb 2007 15:38:24 +0100

Hi.

I need some help with port forwarding.
I have an SNMP agent listening on port 1610 (not 161, because of rights restrictions).
External applications send queries to port 161 and wait for a response from this port.
Here's my configuration:

eth0:  192.168.0.1
eth0:0 192.168.0.2

iptables -t nat -I PREROUTING -p udp -d 192.168.0.2 --dport 161 -j DNAT --to-destination 192.168.0.1:1610
iptables -t nat -I POSTROUTING -p udp -s 192.168.0.1 --sport 1611 -j SNAT --to-source 192.168.0.2:161

When I query the agent on 192.168.0.1:1610, I receive a correct response from
192.168.0.2:161. But when I query the agent on 192.168.0.2:161, the agent
logs an error:
IOException: Operation not permitted.

If anybody can help me, it would be appreciated.

Thank you!

