nV News Forums

 
 

nV News Forums (http://www.nvnews.net/vbulletin/index.php)
-   General Linux (http://www.nvnews.net/vbulletin/forumdisplay.php?f=27)
-   -   iptables port forward (multi dport) (http://www.nvnews.net/vbulletin/showthread.php?t=98410)

evilghost 09-14-07 10:15 AM

iptables port forward (multi dport)
 
I need to forward incoming UDP 514 to UDP 514 and UDP 5141 using iptables. Any ideas? I've already tried tcprewrite/tcpreplay and I can see the traffic over tcpdump but the listening socket on 5141 never gets it, even tried with nc -l -u -p 5141.

tcpdump -s0 -w - -U "host 10.1.99.182 and udp dst port 514"|tcprewrite --portmap=514:5141 --infile=- --outfile=-|tcpreplay --intf1=eth0 -

Q 09-15-07 01:41 PM

Re: iptables port forward (multi dport)
 
Quote:

Originally Posted by evilghost
I need to forward incoming UDP 514 to UDP 514 and UDP 5141 using iptables. Any ideas? I've already tried tcprewrite/tcpreplay and I can see the traffic over tcpdump but the listening socket on 5141 never gets it, even tried with nc -l -u -p 5141.

tcpdump -s0 -w - -U "host 10.1.99.182 and udp dst port 514"|tcprewrite --portmap=514:5141 --infile=- --outfile=-|tcpreplay --intf1=eth0 -

What sort of hardware do you have between the origin and destination. Made sure you didn't have any limiting policies on a switch or anything?

evilghost 09-15-07 02:59 PM

Re: iptables port forward (multi dport)
 
Lets just say Splunk is crap and that I had to use another solution even more horrific than above.

Q 09-15-07 03:06 PM

Re: iptables port forward (multi dport)
 
Quote:

Originally Posted by evilghost
Lets just say Splunk is crap and that I had to use another solution even more horrific than above.

You didn't have to touch a Windows app, did you? :p

evilghost 09-15-07 08:11 PM

Re: iptables port forward (multi dport)
 
That God no, but I did have to force Splunk to tail a hard file versus a FIFO because it can't keep up (pathetic) and had to abandon my efforts at a UDP listener because it bound to the external interface instead of ANY.


All times are GMT -5. The time now is 06:18 AM.

Powered by vBulletin® Version 3.7.1
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Copyright 1998 - 2014, nV News.