Converting ipchains masq modules to netfilter
Kevin Moore
kevinm@sigware.com
Thu, 3 Feb 2000 11:06:13 -0800
This is a multi-part message in MIME format.
------=_NextPart_000_00BD_01BF6E36.AF145D60
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
I have a masquerade module for ipchains that I need to get working with =
netfilter. I would like to rewrite it for netfilter instead of using =
any compatibility facility.
I wrote the module originally for ipchains by looking at the other masq =
modules and experimenting. Not bad considering how little I know. =
Unfortunately I can't figure how to do it for netfilter. I read the =
docs and look at the ftp stuff and I just don't really understand how to =
use the api's. =20
All the module does is look for an outgoing response UDP packet from the =
internal server to the internet. This response has an ip address and =
port embedded in the data and this must be changed to the ip of the =
firewall and a port on the firewall. That's it. All other =
communication is clean (no address info in data).=20
Any tips, examples, or references to other documentation would be =
appreciated.
Kevin Moore
------=_NextPart_000_00BD_01BF6E36.AF145D60
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META content=3D"text/html; charset=3Diso-8859-1" =
http-equiv=3DContent-Type>
<META content=3D"MSHTML 5.00.2919.3800" name=3DGENERATOR>
<STYLE></STYLE>
</HEAD>
<BODY bgColor=3D#ffffff>
<DIV><FONT face=3DArial size=3D2>
<DIV><FONT face=3DArial size=3D2>I have a masquerade module for ipchains =
that I need=20
to get working with netfilter. I would like to rewrite it for =
netfilter instead of using any compatibility facility.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>I wrote the module originally for =
ipchains by=20
looking at the other masq modules and experimenting. Not bad =
considering=20
how little I know. Unfortunately I can't figure how to do it for=20
netfilter. I read the docs and look at the ftp stuff and I =
just don't=20
really understand how to use the api's. </FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>All the module does is look for an =
outgoing=20
response UDP packet from the internal server to the internet. This =
response has an ip address and port embedded in the data and this =
must=20
be changed to the ip of the firewall and a port on the =
firewall. =20
That's it. All other communication is clean (no address info =
in=20
data). </FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Any tips, examples, or references to =
other=20
documentation would be appreciated.</FONT></DIV>
<DIV> </DIV>
<DIV><FONT face=3DArial size=3D2>Kevin =
Moore</FONT></DIV></FONT></DIV></BODY></HTML>
------=_NextPart_000_00BD_01BF6E36.AF145D60--