Iptables reroute to multicast
I created a thread on another forum that isn't as busy as this one, but I'm not sure that I explained it right. I hope you guys don't mind if I give it a go here. I read the sticky and it seems like my problem fits in here.
I have 3 Linux desktops: A, B, and C. A sends multicast packets to B (which has 2 NICs, a receive and a send). B is subscribing to 231.1.1.1. I verified that B gets the packets with tcpdump. If I want to stop B from getting the packets, I can do:
Code:
iptables -A INPUT -i [interface] -j DROP

This works. As soon as I do the same command with -D instead of -A, the packets start showing up again. I then use the command:
Code:
route add -net 232.1.1.1 netmask 255.255.255.255 dev [interface]

And then on C I use the command:
Code:
route add -host 232.1.1.1 dev [interface]
Code:
ping 232.1.1.1

I just want B to be a router, so in the future when I get MC packets from local machines (it is not connected to the outside world), it will forward them to machine C. I found out about "prerouting", which basically takes the destination address and changes it, right? So I thought if it was destined for 231.1.1.1, and I did a command that rerouted it to 232.1.1.1, then it would work. Apparently not. I used the command:
Code:
iptables -t nat -A PREROUTING -i [interface] -j DNAT --to 232.1.1.1

I dropped -i [interface]. So [I thought] anything coming in would get sent to 232.1.1.1. Nope. I looked at [Click Here to Find Similar Threads], but I'm not sure that they applied to what I'm trying to do. Is there a program that would make this job easier? Am I missing something? Btw, I deleted all iptable rules before doing this. I went back and allowed everything. Sorry for the wall of text, please let me know if I left something out. I would really appreciate any input. I've been troubleshooting this and a bunch of other stuff on this the past couple of weeks.

Edit: I've also tried adding -m pkttype --pkt-type multicast and it did not help. Is there something similar to ping that I could test to see if B forwards after getting it from A? I'm pretty sure that it's something that I'm not understanding, and not something that's failing. Now that I've re-read this 5 times, maybe it was dumb to delete all of the rules. Time to do more reading. I am allowing everything in INPUT/OUTPUT/FORWARD.

It looks like I had forwarding disabled. In /etc/sysctl.conf (make a backup if you do this):
net.ipv4.ip_forward = 0 (change to = 1)
execute:
Code:
sysctl -p /etc/sysctl.conf