iptables only NATing the first udp packet in a "connection"

Discussion in 'Linux Networking' started by shaharklein, Oct 2, 2007.

  1. shaharklein

    shaharklein Guest

    Hi

    boxes A and B are negtiating a very simple udp conversation:

    A says "Hi" to B
    B says "Hello" to A
    and A replies with a message say "MMM"

    this works fine
    but now I want to "hide" box A

    so I use box C

    A says "Hi to B but B sees "Hi" from C
    B says "Hello" to C which redirects the packet to A
    A says "MMM" to B but B sees it from A

    one rule on A:
    iptables -t nat -A POSTROUTING -p udp --sport 5555 -j SNAT --to
    "address_of_C"

    and one rule on C:
    iptables -t nat -A PREROUTING -p udp --destination C --dport 5555 -j
    DNAT --to A


    sniffing on B
    I see
    C --> B
    B --> C
    A --> B //arrrrrrr

    on box A I see only one packet is matched


    Thanks a head for any help :)
     
    shaharklein, Oct 2, 2007
    #1
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.