Re: Dynamically changing destination ip address using iptables

To:	"LinuxVirtualServer.org users mailing list." <lvs-users@xxxxxxxxxxxxxxxxxxxxxx>, fd99127@xxxxxxxxx
Subject:	Re: Dynamically changing destination ip address using iptables - IMP
From:	gan hawk <ganhawk@xxxxxxxxx>
Date:	Sun, 4 Sep 2005 20:45:46 -0700

Hi,

Two options you can consider is writing a netfilter module with code to map 
the bits to daddr or write it in userspace and use IPQueue (if your traffic 
is low)
I am not sure if you can achive this with existing modules.



On 8/31/05, kavitha <fd99127@xxxxxxxxx> wrote:
> 
> Hi,
> 
> We are trying to modify the TCP protocol a little but so that when a 
> packet arrives at a router, it would be possible to read a particular field 
> (lets say options or the reserved field) of the packet(that would give the 
> actual path that the packet needs to take) and populate the destination ip 
> address of that packet with the new ipadress read from this reserved field. 
> I know that using dnat you can change the destination ipaddress of the 
> packet but in my problem, I would not knwo the destination ipaddress prior 
> (it would be dynamic) and it would change with every packet - so I would not 
> be able to use a static ip address in the iptables rule. So I wanted to know 
> if there is anyt way to get around this , or if iptables would not provide a 
> solution to thsi problem at all . I knwo this can be done using raw sockets 
> but adding a single line (as in iptables) seems to be a better proposition 
> than writing pages of code. Basically, I want to know if there is a way to 
> dynamically conf
> igure
> the destination ipaddress that a packet is being routed to by mapping 
> certain other bits of the same packet coming in.
> 
> It would really help if someoen can provide some information in this 
> regard. Any pointers too would really be useful.I looked at the man pages 
> and searched the internet but was not able to come across any rela examples 
> where such a thing may have been used.
> 
> Thanks for your time! Please let me know if you need more clarifications!
> Kavitha
> 
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
>

<Prev in Thread]	Current Thread	[Next in Thread>
Dynamically changing destination ip address using iptables - IMP, kavitha Re: Dynamically changing destination ip address using iptables - IMP, gan hawk <=

Previous by Date:	Re: HA-LVS DR ip_finish_output: bad unowned skb, Roger Tsang
Next by Date:	Re: HA-LVS DR ip_finish_output: bad unowned skb, Horms
Previous by Thread:	Dynamically changing destination ip address using iptables - IMP, kavitha
Next by Thread:	Re: Zero sized downloads, Michael Green
Indexes:	[Date] [Thread] [Top] [All Lists]

Re: Dynamically changing destination ip address using iptables - IMP