LinuxQuestions.org
Old 08-30-2006, 12:26 PM   #1
djsubari
LQ Newbie
 
Registered: Aug 2006
Posts: 12

Rep: Reputation: 0
How to redirect packets?


Hi guys, I am a linux newbie, please help me with the following problem.

I have 2 PCs, both with linux installed (Fedora Core 5) and both have two network cards. Let's call them PC1_eth0, PC1_eth1, PC2_eth0, PC2_eth1.

I am using a program called RUDE that generates udp packets. Using RUDE, PC1 generates packets and sends them to PC2_eth0. How do I automatically redirect packets received by PC2_eth0 to PC2_eth1 then to PC1_eth1?

Thank you very much in advance
 
Old 08-30-2006, 04:49 PM   #2
RichardStern
LQ Newbie
 
Registered: Jul 2005
Location: New York
Posts: 9

Rep: Reputation: 0
As a starting point, you need to look into using the firewall built into the OS: iptables.
 
Old 08-31-2006, 12:29 AM   #3
djsubari
LQ Newbie
 
Registered: Aug 2006
Posts: 12

Original Poster
Rep: Reputation: 0
I have been trying to use iptables to do this. Here's what I do (all the following done on PC2):
1. iptables -A INPUT -i eth0 -p UDP
2. iptables -A FORWARD -i eth0 -o eth1 -p UDP
3. iptables -A OUTPUT -o eth1 -d 192.168.1.6 -p UDP
192.168.1.6 is the static IP address of PC1_eth1.

This doesn't seem to work, any idea what is wrong? Thank you very much.
 
Old 09-01-2006, 05:06 AM   #4
tablebubble
LQ Newbie
 
Registered: Feb 2006
Location: Lagos, Nigeria
Distribution: Mandriva 2009 Spring
Posts: 12

Rep: Reputation: 0
Check your route table "route -r" then edit as appropriate.
 
Old 09-01-2006, 05:50 AM   #5
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
A few queries:

1. How are these 4 ethernet devices connected to each other?
(e.g. cross cables / 1-eth0 <--> 2-eth0 / 1-eth1 <--> 2-eth1)?
2. Check whether packet forwarding is enabled @ kernel level.
3. Log one udp packet (sent by RUDE-pc1) @ pc2 with any packet logger & dump the header here.
 
Old 09-01-2006, 08:18 AM   #6
djsubari
LQ Newbie
 
Registered: Aug 2006
Posts: 12

Original Poster
Rep: Reputation: 0
Hi amitsharma_26, regarding your points:

1. pc1-eth0 and pc2-eth0 are connected with crossover cable
pc1-eth1 and pc2-eth1 are also connected with crossover cable
2. packet forwarding has been enabled
3. an output from udp packet logger:

ID=30 SEQ=0 SRC=192.168.1.5:3002 DST=192.168.1.7:10001 Tx=1157116310.805596 Rx=1157116606.797666 SIZE=250

This packet is received at pc2-eth0(192.168.1.7). What I want to do is:

pc1-eth0(192.168.1.5) generates packet -> pc2-eth0 -> pc2-eth1 -> pc1-eth1

Basically pc1 will generate and capture packets, but I want the packet to go thru pc2 where I am going to use tc to control the traffic.

Thank you very much for your help.
 
Old 09-01-2006, 10:00 AM   #7
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
We can use natting to do that/ Is that ok with you ?
rewriting packet will solve the problem//

Though my major concern is that the packet is coming in the INPUT chain for PC2 & then we have to move the packet into FORWARD chain for it to pass back to PC1 from eth1 of PC2.
 
Old 09-01-2006, 10:22 AM   #8
djsubari
LQ Newbie
 
Registered: Aug 2006
Posts: 12

Original Poster
Rep: Reputation: 0
I am not familiar with natting, but I am open to any suggestions. Currently I have all the IP addresses static. What kind of issues arise with the INPUT and FORWARD chain? Is it particularly hard to do?

Also, what would happen if we use a 3rd computer instead? The flow is now pc1-eth0 -> pc2 -> pc3-eth0. Can I send the packet from pc1 straight to pc3? Would the packets find their own way through pc2 (since that's the only way)?

Thank you very much for your help.
 
Old 09-01-2006, 12:09 PM   #9
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
These below mentioned rules are supposed to be run @ your PC2 box.
#iptables -t nat -A PREROUTING -p udp -d 192.168.1.7 -j DNAT --to-destination pc0-eth1-ip
#iptables -A OUTPUT -p udp -o eth0 -j DROP

(we are dropping these above packets as i am not aware of your other two eth1 ip classes)
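
Added example, not part of any post in this thread: a small Python model of the netfilter hook order on PC2, showing why the target-less rules from post #3 leave the packet in INPUT while a PREROUTING DNAT like the one in post #9 moves it to FORWARD. The PC2-eth1 address 192.168.1.8 and the per-host routes are constructed assumptions; the other addresses come from posts #3 and #6.

```python
from dataclasses import dataclass, field

@dataclass
class Packet:
    src: str
    dst: str
    proto: str = "udp"
    path: list = field(default_factory=list)  # chains traversed, in order

@dataclass
class Router:
    local_ips: set            # addresses owned by this box (PC2)
    routes: dict              # destination IP -> outgoing interface
    ip_forward: bool = True   # models net.ipv4.ip_forward
    dnat: dict = field(default_factory=dict)  # (proto, original dst) -> new dst

    def receive(self, pkt):
        """Walk one packet through the hooks; return (verdict, out_if)."""
        pkt.path.append("PREROUTING")
        # nat/PREROUTING runs BEFORE the routing decision, so a DNAT here
        # decides which branch (INPUT or FORWARD) the packet takes next.
        pkt.dst = self.dnat.get((pkt.proto, pkt.dst), pkt.dst)
        if pkt.dst in self.local_ips:
            pkt.path.append("INPUT")
            return "delivered-locally", None
        if not self.ip_forward:
            return "dropped-no-forwarding", None
        out_if = self.routes.get(pkt.dst)
        if out_if is None:
            return "dropped-no-route", None
        pkt.path += ["FORWARD", "POSTROUTING"]
        return "forwarded", out_if

def run(dnat, ip_forward=True):
    # 192.168.1.8 (PC2-eth1) and the host routes are constructed assumptions.
    pc2 = Router(local_ips={"192.168.1.7", "192.168.1.8"},
                 routes={"192.168.1.5": "eth0", "192.168.1.6": "eth1"},
                 ip_forward=ip_forward, dnat=dnat)
    pkt = Packet(src="192.168.1.5", dst="192.168.1.7")  # RUDE packet, post #6
    verdict, out_if = pc2.receive(pkt)
    return verdict, out_if, pkt.dst, pkt.path

# Post #3: rules without a -j target only count packets, so nothing is rewritten.
NO_NAT = run(dnat={})
# Post #9: -t nat -A PREROUTING -p udp -d 192.168.1.7 -j DNAT --to-destination <pc1-eth1>
WITH_DNAT = run(dnat={("udp", "192.168.1.7"): "192.168.1.6"})

if __name__ == "__main__":
    for name, result in (("no NAT", NO_NAT), ("DNAT", WITH_DNAT)):
        print(name, result)
```

On a real box the same distinction shows up in the packet counters of `iptables -L -v -n` and `iptables -t nat -L -v -n`: the INPUT counters rise in the first case, the PREROUTING and FORWARD counters in the second.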
 
Old 09-02-2006, 03:22 AM   #10
djsubari
LQ Newbie
 
Registered: Aug 2006
Posts: 12

Original Poster
Rep: Reputation: 0
Hi amitsharma_26,

Is there any way to check the route using ping? My packet receiver (run in pc1) doesn't seem to log anything. What happens to the source/destination port, do they need to be stated during rerouting?

Thank you very much for your help.
 
Old 09-02-2006, 06:52 AM   #11
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Let's take this case:

Pc1-
eth0 : 172.16.16.201
eth1 : 192.168.55.1

Pc2-
eth0 : 172.16.16.2
eth1 : 192.168.55.2
(With crosscable connection b/w these two same-class ethernet card ips)

With Packet forwarding-ON @ kernel level @ Pc2.


At Pc2 :
I am running,
#iptables -t nat -A PREROUTING -p tcp -d 192.168.55.2 -j DNAT --to-destination 172.16.16.201

& At Pc1.. i am connecting ftp to Pc2-eth1; which should redirect the packet over to PC1-eth0 & should get logged there at eth0 as well.
So as per my DNAT conversion; the initial packet which is like Source/Destination --> 192.168.55.1/192.168.55.2 should get converted into 192.168.55.1/172.16.16.201 & should also get logged at pc1-eth0.

Well here's my logs, which are verifying the same; (Taken by packet logger @ pc1-eth0)
16:06:22.634383 IP 172.16.16.201.32820 > 192.168.55.1.ftp: S 436067969:436067969(0) win 5840 <mss 1460,sackOK,timestamp 1299438 0,nop,wscale 2>
16:06:25.633790 IP 172.16.16.201.32820 > 192.168.55.1.ftp: S 436067969:436067969(0) win 5840 <mss 1460,sackOK,timestamp 1302438 0,nop,wscale 2>
16:06:27.633777 arp who-has 192.168.55.1 tell 192.168.55.2
16:06:27.633788 arp reply 192.168.55.1 is-at Broadcast
16:06:31.632867 IP 172.16.16.201.32820 > 192.168.55.1.ftp: S 436067969:436067969(0) win 5840 <mss 1460,sackOK,timestamp 1308438 0,nop,wscale 2>

Though as it was a tcp packet & I hadn't specified any gateway @ any of those boxes, the connection wasn't established... but as you can see, it did reach there & got logged. It should work in the case of UDP packets as well (as they are not even a connection-oriented protocol).
 
Old 09-02-2006, 09:00 AM   #12
djsubari
LQ Newbie
 
Registered: Aug 2006
Posts: 12

Original Poster
Rep: Reputation: 0
Hi, thanks for the help so far.

It turns out that my hardware connection was switched (eth0 is actually eth1 and vice versa). I plugged it in the right one and switched the static ip address but now it poses another problem: pinging the ip address returns HOST UNREACHABLE. I tried typing arp -a and it says that HWaddress is incomplete. What is going on?
 
Old 09-03-2006, 08:30 AM   #13
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Do a restart for your network service.

And btw, what do you mean by "you plugged it in the right one"? I guess you only changed the cross-over cables & the static ip addresses.
 
Old 09-03-2006, 08:54 AM   #14
djsubari
LQ Newbie
 
Registered: Aug 2006
Posts: 12

Original Poster
Rep: Reputation: 0
I meant I switched the crossover cable plug between them and changed their static ip address.

I restarted the network but the problem persists. It seems that only 1 connection is working at a time. Yesterday I could only ping pc1-eth0 today I can only ping pc1-eth1.

Here's the pings that I do (on pc2):
- ping -c 10 -I eth0 <pc1-eth0-ip>
- ping -c 10 -I eth1 <pc1-eth1-ip>

The first ping is alright now, the second returns DESTINATION HOST UNREACHABLE

And the arp -e table looks like this:

Address        HWtype  HWaddress          Flags Mask  Iface
<pc1-eth0-ip>  ether   00:A0:C9:84:62:0A  C           eth0
<pc1-eth1-ip>          (incomplete)                   eth0

Thanks for your help.
 
Old 09-04-2006, 05:54 PM   #15
amitsharma_26
Member
 
Registered: Sep 2005
Location: New delhi
Distribution: RHEL 3.0/4.0
Posts: 777

Rep: Reputation: 31
Quote:
Originally Posted by djsubari

And the arp -e table looks like this:

Address        HWtype  HWaddress          Flags Mask  Iface
<pc1-eth0-ip>  ether   00:A0:C9:84:62:0A  C           eth0
<pc1-eth1-ip>          (incomplete)                   eth0

Thanks for your help.

Are you sure that you got eth0 as the Iface for both of them; or is it just a simple typing mistake //

Also copy paste the output of #route -n

& yea, I have finished writing my new tutorial on iptables packet/port forwarding, so go through it (it's very short and precise): http://amitsharma.linuxbloggers.com/portforwarding.htm

Regards,
Amit..

Last edited by amitsharma_26; 09-13-2006 at 12:52 AM.
 
  

