iptables REDIRECT original destination-ip

10-17-2006, 04:17 PM

hi

if i use ip_forward on a proxy and:
iptables -t nat -A PREROUTING -p tcp --dport 554 -j REDIRECT --to-port
9999
to catch RTSP-Packets and pass them to the 9999 port of the proxy, how
can i get the original destination-ip.

thx

10-17-2006, 06:42 PM

Hello,

bubzilla a écrit :
>
> if i use ip_forward on a proxy and:
> iptables -t nat -A PREROUTING -p tcp --dport 554 -j REDIRECT --to-port
> 9999
> to catch RTSP-Packets and pass them to the 9999 port of the proxy, how
> can i get the original destination-ip.

Read the SO_ORIGINAL_DST option of the TCP socket.
Or look up the connection tracking table in /proc/net/ip_conntrack.

10-18-2006, 08:20 AM

thankx

where is SO_ORIGINAL_DST defined , which header ???

10-18-2006, 10:31 AM

bubzilla wrote:
> thankx
>
> where is SO_ORIGINAL_DST defined , which header ???

struct sockaddr_in addr;
bzero((char *) &addr, sizeof(addr));
addr.sin_family = AF_NET;
socklen_t addr_sr = sizeof(addr);

getsockopt(fd, SOL_IP, SO_ORIGINAL_DST, &addr, &addr_sz );

10-18-2006, 10:45 AM

and of course:

#include <linux/netfilter_ipv4.h>

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Similar Threads
Thread	Thread Starter	Forum	Replies	Last Post
(iptables) connlimit per destination IP equivalent	dzikus	Linux Networking	1	04-07-2006 11:23 PM
iptables? redirect?	M3ntos	Linux Networking	3	05-20-2005 08:16 AM
iptables: destination nat onto same network	Chris Lutka	Linux Networking	3	03-19-2005 01:35 AM
IPTABLES: -d (destination)=Internet	AcCeSsDeNiEd	Linux Networking	2	10-02-2004 11:36 AM
Iptables SSL redirect	Fritz Bayer	Linux Networking	6	07-20-2004 06:08 AM