
List:       netfilter
Subject:    Re: Communication Redirect (Revised)
From:       Cedric Blancher <blancher () cartel-securite ! fr>
Date:       2003-04-30 22:47:36

On Wed 30/04/2003 at 22:50, Sapient2003 wrote:
> OpenBSD uses the packet filter pf to redirect communications to a 
> program. Is there anything like this for Linux? I tried IPTABLES for this 
> task, like so: iptables -t filter -A INPUT -p udp -s 0/0 -d 66.47.159.11 
> --destination-port 53 -j REDIRECT dns ... As it turns out, REDIRECT 
> isn't for forwarding packets to another program...

Netfilter has no such feature. What you can do is have your program
listen to a local port and then redirect traffic to this local UDP port
53. If you have a DNS server listening on this port, you're done.

This is a basic setup for transparent proxying.

-- 
Cédric Blancher  <blancher@cartel-securite.fr>
IT systems and networks security - Cartel Sécurité
Phone : +33 (0)1 44 06 97 87 - Fax: +33 (0)1 44 06 97 99
PGP KeyID:157E98EE  FingerPrint:FA62226DA9E72FA8AECAA240008B480E157E98EE
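
The setup described in the reply, as an added example that is not part of the original message: REDIRECT lives in the nat table, so the rule goes in PREROUTING with `--to-ports` naming the port the local program listens on. The listener port 5353 and the function names are assumptions made for illustration; the address and port 53 are taken from the question.

```shell
#!/bin/sh
# Added example (not from the original thread).
# Assumption: the local program listens on UDP port 5353.

# redirect_rule CHAIN DST_IP DST_PORT LISTEN_PORT
# Prints one iptables command. REDIRECT is only valid in the nat table
# (PREROUTING for packets arriving from the network, OUTPUT for packets
# generated on the box), so a rule in filter/INPUT is rejected here.
redirect_rule() {
    chain=$1 dst=$2 dport=$3 lport=$4
    case $chain in
        PREROUTING|OUTPUT) ;;
        *) echo "REDIRECT is not valid in chain $chain" >&2; return 1 ;;
    esac
    for p in "$dport" "$lport"; do
        case $p in
            ''|*[!0-9]*) echo "bad port: $p" >&2; return 1 ;;
        esac
        if [ "$p" -lt 1 ] || [ "$p" -gt 65535 ]; then
            echo "bad port: $p" >&2; return 1
        fi
    done
    echo "iptables -t nat -A $chain -p udp -d $dst --dport $dport -j REDIRECT --to-ports $lport"
}

# apply_rule DST_IP DST_PORT LISTEN_PORT
# Dry run by default: prints the command. Set APPLY=1 (as root) to run it.
apply_rule() {
    cmd=$(redirect_rule PREROUTING "$1" "$2" "$3") || return 1
    if [ "${APPLY:-0}" = 1 ]; then
        $cmd
    else
        echo "$cmd"
    fi
}

# Incoming DNS queries for 66.47.159.11:53 are handed to the local listener.
apply_rule 66.47.159.11 53 5353
```

The program behind the redirected port sees the packets as ordinary traffic on its own socket; replies are rewritten back by connection tracking.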

