Newbie help: mangling packets
Faber Fedor
faber@linuxnj.com
Mon, 17 Dec 2001 16:02:54 -0500
On Mon, Dec 17, 2001 at 02:05:27PM -0500, Jason Englander wrote:
> On Mon, 17 Dec 2001, Faber Fedor wrote:
> > Hi there,
>
> Boy, you're awful familar ;-)
Jeez! I move across the entire state and I _still_ can't get away from
you. :-)
>
> Something like this should do it... (not verified or even proofread <g>)
> Grab gShield (it's listed on freshmeat) for some good examples.
>
> iptables -N ACCEPTnLOG 2> /dev/null
> iptables -F ACCEPTnLOG
> iptables -A ACCEPTnLOG -j LOG --log-level $LOG_LEVEL --log-prefix "foo "
> iptables -A ACCEPTnLOG -j ACCEPT
>
> iptables -A INPUT -p tcp -d 11.2.3.4 --dport 21 -j ACCEPTnLOG
> iptables -t nat -A PREROUTING -p tcp -d 11.2.3.4 --dport 21 -j DNAT --to 12.5.6.7
Great! Thanks alot. Once I finish building this box (just did a 'make
modules_install', now I'm ready to install the Latest and Greatest
iptables), I'll get to testing (and proofreading :-) this.
--
Regards,
Faber
Linux New Jersey: Open Source Solutions for New Jersey
http://www.linuxnj.com