LinuxQuestions.org
Linux - Networking
09-25-2007, 03:10 AM   #1
Ahmed_Baghdad (LQ Newbie)
iptables doesn't seem to apply new rules to already open TCP connections

Hello everybody

I'm having a problem with iptables: it doesn't seem to apply new rules to the already open TCP connections.
Here is my problem. I'm writing a small application that acts as a hotspot for a WLAN with HTTP authentication. All users are subject to this iptables rule:

Code:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 80
When a user enters the password, his rule will be:

Code:
iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.1:8080 -s 192.168.0.XX -m mac --mac-source XX:XX:XX:XX:XX:XX
So far it works perfectly. The problem is when the user logs off: the rule is removed with this command

Code:
iptables -t nat -D PREROUTING -i eth0 -p tcp --dport 80 -j DNAT --to 192.168.1.1:8080 -s 192.168.0.XX -m mac --mac-source XX:XX:XX:XX:XX:XX
but all open TCP connections are still active (like downloading a file), while any new request will be redirected to the first rule (hotspot login).

Please help me. I'm new to Linux iptables and this is a huge hole in my system. Is there a command that resets/disconnects these connections?

Note:
192.168.1.1:8080 is a Squid cache server, while 192.168.0.1:80 is my hotspot server.
 
09-25-2007, 09:00 PM   #2
win32sux (Guru, Los Angeles, Ubuntu)
You could use cutter for this.
 
09-27-2007, 02:06 AM   #3
Ahmed_Baghdad (LQ Newbie, Original Poster)

Thanks a lot win32sux, Linux is awesome and your name says the rest.

I've read cutter's source code. It uses this file (/proc/net/ip_conntrack) to get the routed connections' IPs/ports. It is a really nice feature in Linux I didn't know about, and a good technique cutter is using to close them.

Thanks again.
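The reason the deleted DNAT rule has no effect on a running download is that the nat table is only consulted for the first packet of a connection; after that the mapping lives in the connection-tracking table, which is exactly the file post #3 mentions. Below is an added example, not code from the thread or from cutter, that reads the /proc/net/ip_conntrack (or newer /proc/net/nf_conntrack) layout, lists the flows that still belong to a client who has just logged off, and builds the matching conntrack-tools `conntrack -D` commands. The sample table, the client addresses 192.168.0.10 / 192.168.0.20, and the assumption that conntrack-tools is installed are all constructed for this example; only 192.168.1.1:8080 (the Squid box) comes from the original post.

```python
"""Added example (not from the thread or from cutter): find the tracked
connections of a hotspot client that has just logged off and build the
conntrack-tools commands that drop those entries.  Once an entry is gone the
kernel treats the flow's next packet as a new connection and runs it through
nat PREROUTING again, so the old DNAT mapping no longer applies."""
import re
from typing import List, Optional

# Constructed sample in the /proc/net/ip_conntrack layout:
#   proto  protonum  timeout  [tcp state]  original tuple  reply tuple  flags
# The fourth line uses the newer /proc/net/nf_conntrack layout, which is
# prefixed with the L3 family ("ipv4 2").  192.168.0.10 is the client that
# just logged off; 192.168.0.20 is still authenticated.  Reply src/sport show
# the real server behind the DNAT, i.e. Squid at 192.168.1.1:8080.
SAMPLE_CONNTRACK = """\
tcp      6 431999 ESTABLISHED src=192.168.0.10 dst=203.0.113.5 sport=51234 dport=80 src=192.168.1.1 dst=192.168.0.10 sport=8080 dport=51234 [ASSURED] mark=0 use=1
tcp      6 117 TIME_WAIT src=192.168.0.10 dst=203.0.113.9 sport=51235 dport=80 src=192.168.1.1 dst=192.168.0.10 sport=8080 dport=51235 [ASSURED] mark=0 use=1
tcp      6 431999 ESTABLISHED src=192.168.0.20 dst=203.0.113.5 sport=40000 dport=80 src=192.168.1.1 dst=192.168.0.20 sport=8080 dport=40000 [ASSURED] mark=0 use=1
ipv4     2 tcp      6 431999 ESTABLISHED src=192.168.0.10 dst=203.0.113.7 sport=51236 dport=80 src=192.168.1.1 dst=192.168.0.10 sport=8080 dport=51236 [ASSURED] mark=0 zone=0 use=2
udp      17 29 src=192.168.0.10 dst=192.168.0.1 sport=5353 dport=53 src=192.168.0.1 dst=192.168.0.10 sport=53 dport=5353 mark=0 use=1
"""

KV = re.compile(r"(\w+)=(\S+)")


def parse_entry(line: str) -> Optional[dict]:
    """Parse one conntrack line into {'proto', 'state', 'orig', 'reply'}.

    src/dst/sport/dport appear twice: the first group is the original
    direction (client -> destination as the client saw it), the second is the
    reply direction (real server -> client after NAT).
    """
    fields = line.split()
    if not fields:
        return None
    if fields[0] in ("ipv4", "ipv6"):      # nf_conntrack family prefix
        fields = fields[2:]
    entry = {"proto": fields[0], "state": None, "orig": {}, "reply": {}}
    if fields[0] == "tcp":                 # only TCP lines carry a state word
        entry["state"] = fields[3]
    for key, value in KV.findall(line):
        # first occurrence of a key -> original tuple, second -> reply tuple
        side = entry["orig"] if key not in entry["orig"] else entry["reply"]
        side[key] = value
    return entry


def parse_table(text: str) -> List[dict]:
    return [e for e in (parse_entry(l) for l in text.splitlines()) if e]


def flows_for_client(text: str, client_ip: str, proto: str = "tcp") -> List[dict]:
    """Entries whose original source is the (now logged-off) WLAN client."""
    return [e for e in parse_table(text)
            if e["proto"] == proto and e["orig"].get("src") == client_ip]


def delete_commands(text: str, client_ip: str) -> List[str]:
    """One `conntrack -D` per flow, matching on the original tuple.

    Assumes conntrack-tools is installed; -s/-d/--sport/--dport are its
    original-direction selectors.
    """
    cmds = []
    for e in flows_for_client(text, client_ip):
        o = e["orig"]
        cmds.append(f"conntrack -D -p tcp -s {o['src']} -d {o['dst']} "
                    f"--sport {o['sport']} --dport {o['dport']}")
    return cmds


if __name__ == "__main__":
    for e in flows_for_client(SAMPLE_CONNTRACK, "192.168.0.10"):
        o, r = e["orig"], e["reply"]
        print(f"{e['state']:<12} {o['src']}:{o['sport']} -> {o['dst']}:{o['dport']}"
              f"  (served by {r['src']}:{r['sport']})")
    print("\n".join(delete_commands(SAMPLE_CONNTRACK, "192.168.0.10")))
```

In a real logout handler the table would be read from /proc/net/ip_conntrack (or nf_conntrack) rather than the constructed string, and a single `conntrack -D -s <client-ip>` removes every entry for that client at once; the per-flow form above is only spelled out so the reader can see which tuple is matched. Removing the entries breaks the DNAT mapping and therefore the download, but it does not itself send anything to the endpoints; cutter, as the thread notes, goes a step further and closes the TCP sessions.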
 
All times are GMT -5.