I want to send all the packets that I am receiving on port 80 to port 4000.
I am able to scan all the packets using the libpcap library, i.e. I am able to extract the IP, TCP, UDP headers etc., but I don't know how to send a packet from one port to another port. I am able to send data using send(), say "hello world", from one port to another, but I want to send the complete packet that I received through the internet on port 80 without changing its source and destination. Is it possible?
Please, anybody, reply soon.....
iptables is the userland application that configures the netfilter kernel module. What the original poster is asking for is a specific purpose of netfilter/iptables, and is called port-forwarding. A Google search for 'port forward iptables' yields a plethora of useful links.
--- rod.
Is it possible to do it without iptables, using a C program?
Why would you want to? If it has to be built into some other application, then use the C system() function to call iptables. This will result in a much more efficient system, as the packet filtering takes place right in the kernel where all packets are handled anyway. No need to re-invent any wheels.
Anybody who needs to do port forwarding will have used iptables. If you need to do so, and you cannot use iptables, then the best reference would be the source code for iptables. A distant second best would be the source code for netfilter.
Having looked at your original question, I'm not even sure you can do what you are asking from a userspace application. When you say 'I want to send the complete packet that I received through the internet on port 80', what exactly do you mean? Do you have multiple interfaces, and you want to send the packets to another host that is listening on port 4000? Do you want the packet to be sent to localhost:4000? Can you be more specific?
--- rod.
'I want to send the complete packet that I received through the internet on port 80'. By this I mean I want to transfer the packet as it is, without modifying its source/destination IP and port. Yes, I do have multiple NICs on my PC. Actually, what I have to do is scan an incoming packet from any interface using the pcap library. Based on the destination of the packet, I have to forward it to the corresponding interface. For example, I have two NICs: eth0 connected to the internet and eth1 to the local network. A packet comes from the local network for the internet, so pcap will scan this packet and forward it to eth0. I know it is possible with iptables, but I have to do it using my own program.
So does anybody have any idea how to forward a packet using sockets or the pcap library from an interface to a specific port?
So, then if your host receives a packet that is addressed to it, and then re-transmits it without changing the destination address, it will simply be received once again by the same host. This cycle will then continue ad infinitum. If you do not modify the packet, how will the new destination port be encoded into the packet? It is not possible to do what you are suggesting, even with iptables. The netfilter module provides something called a mangle table, and its purpose is to modify the packet according to the requirements, such as port-forwarding.
I think you need to re-think your objectives. Is this homework?
--- rod.
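Added example, not part of the thread: a C sketch of the point made in the post above, that a packet redirected from port 80 to port 4000 has to be modified, with the new destination port written into the TCP header and the TCP checksum patched to match, while the source and destination addresses stay as they were. The function names and the sample packet are constructed for illustration; the buffer is assumed to start at the IPv4 header (no link-layer header) and to hold exactly one packet.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
/* Constructed sample: IPv4 + TCP SYN, 192.0.2.10:40000 -> 198.51.100.5:80.
   IP header checksum is left 0 (ports are not covered by it); make_sample()
   copies the packet into out[40] and fills in a correct TCP checksum. */
static const uint8_t SAMPLE[40] = {
    0x45,0,0,0x28, 0,1,0x40,0, 0x40,6,0,0, 192,0,2,10, 198,51,100,5,
    0x9c,0x40,0,0x50, 0,0,0,1, 0,0,0,0, 0x50,0x02,0xff,0xff, 0,0,0,0 };
static uint16_t fold(uint32_t s) {
    while (s >> 16) s = (s & 0xffff) + (s >> 16);
    return (uint16_t)s;
}
static uint32_t sum16(const uint8_t *p, size_t n, uint32_t s) {
    for (; n > 1; p += 2, n -= 2) s += (uint32_t)p[0] << 8 | p[1];
    return n ? s + ((uint32_t)p[0] << 8) : s;
}
/* One's-complement sum of pseudo-header + TCP segment; 0xffff means valid. */
uint16_t tcp_sum(const uint8_t *ip, size_t len) {
    size_t ihl = (ip[0] & 0x0f) * 4u, tl = len - ihl;
    return fold(sum16(ip + ihl, tl, sum16(ip + 12, 8, 6 + (uint32_t)tl)));
}
void make_sample(uint8_t *out) {
    memcpy(out, SAMPLE, sizeof SAMPLE);
    uint16_t c = (uint16_t)~tcp_sum(out, sizeof SAMPLE);
    out[36] = c >> 8; out[37] = c & 0xff;
}
/* Rewrite TCP destination port `from` to `to`; checksum is patched per
   RFC 1624, HC' = ~(~HC + ~m + m'). 1 = rewritten, 0 = no match, -1 = malformed. */
int rewrite_dport(uint8_t *ip, size_t len, uint16_t from, uint16_t to) {
    if (len < 20 || ip[0] >> 4 != 4) return -1;
    size_t ihl = (ip[0] & 0x0f) * 4u;
    if (ihl < 20 || len < ihl) return -1;
    if (ip[9] != 6 || ((ip[6] & 0x1f) | ip[7])) return 0; /* non-TCP or later fragment */
    if (len < ihl + 20) return -1;
    uint8_t *t = ip + ihl;
    if ((t[2] << 8 | t[3]) != from) return 0;
    uint16_t old = (uint16_t)(t[16] << 8 | t[17]);
    uint16_t nw = (uint16_t)~fold((uint32_t)(uint16_t)~old + (uint16_t)~from + to);
    t[2] = to >> 8; t[3] = to & 0xff; t[16] = nw >> 8; t[17] = nw & 0xff;
    return 1;
}
int main(void) {
    uint8_t p[40];
    make_sample(p);
    int r = rewrite_dport(p, sizeof p, 80, 4000);
    printf("rewritten=%d dport=%d valid=%d\n", r, p[22] << 8 | p[23],
           tcp_sum(p, sizeof p) == 0xffff);
    return 0;
}
```

Reply traffic needs the reverse rewrite (source port 4000 back to 80), otherwise the peer sees segments from a port it never connected to.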
That's OK. But there will be a function for handling packets whose destination and host address are the same, so that it will not go into an infinite loop. Put simply, I just have to forward packets between two ports on the same machine using a C program. The destination port will be decided by the information extracted from the packet header using the libpcap library.
So please, if anybody knows how to forward packets between two ports using a C program, please let me know. Reply ASAP.