I created a thread on another forum that isn't as busy as this one, but I'm not sure that I explained it right. I hope you guys don't mind if I give it a go here. I read the sticky and it seems like my problem fits in here.
I have 3 Linux desktops: A, B, and C.
A sends multicast packets to B (which has 2 NICs, a receive and a send). B is subscribing to 231.1.1.1. I verified that B gets the packets with tcpdump.
If I want to stop B from getting the packets, I can do:
Code:
iptables -A INPUT -i [interface] -j DROP
This works. As soon as I do the same command with -D instead of -A, the packets start showing up again.
I then use the command:
Code:
route add -net 232.1.1.1 netmask 255.255.255.255 dev [interface]
on B.
And then on C I use the command:
Code:
route add -host 232.1.1.1 dev [interface]
While on B if I use the command
, then C will receive the ping (I can see the ping with tcpdump).
I just want B to be a router, so in the future when I get MC packets from local machines (it is not connected to the outside world), it will forward them to machine C.
I found out about "prerouting", which basically takes the destination address and changes it, right? So I thought if it was destined for 231.1.1.1, and I did a command that rerouted it to 232.1.1.1, then it would work. Apparently not. I used the command:
Code:
iptables -t nat -A PREROUTING -i [interface] -j DNAT --to 232.1.1.1
[I thought] This would change anything coming in through this interface and send it to 232.1.1.1. Nope.
I dropped -i [interface]. So [I thought] anything coming in would get sent to 232.1.1.1. Nope.
I looked at [Click Here to Find Similar Threads], but I'm not sure that they applied to what I'm trying to do.
Is there a program that would make this job easier? Am I missing something?
Btw, I deleted all iptables rules before doing this. I went back and allowed everything.
Sorry for the wall of text, please let me know if I left something out. I would really appreciate any input. I've been troubleshooting this and a bunch of other stuff on this the past couple of weeks.
Edit: I've also tried adding -m pkttype --pkt-type multicast and it did not help.
[idea] Is there something similar to ping that I could test to see if B forwards after getting it from A?
I'm pretty sure that it's something that I'm not understanding, and not something that's failing.
Now that I've re-read this 5 times, maybe it was dumb to delete all of the rules. Time to do more reading. I am allowing everything in INPUT/OUTPUT/FORWARD.
It looks like I had forwarding disabled.
In /etc/sysctl.conf (make a backup if you do this):
net.ipv4.ip_forward = 0 (change to = 1)
Execute:
Code:
sysctl -p /etc/sysctl.conf
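
The post asks for something like ping to test whether B forwards multicast from A. The probe below is an added example, not part of the original post: run it with `recv` on C and with `send` on A. The UDP port, the payload format and all function names are assumptions; the group is the one from the post.

```python
import socket
import struct
import sys
import time

GROUP, PORT = "231.1.1.1", 5007  # group from the post; the port is an assumption
MAGIC = b"MCPROBE1"              # assumed marker so unrelated traffic is ignored

def build_probe(seq, now=None):  # magic + 32-bit seq + 64-bit send time in ms
    ms = int((time.time() if now is None else now) * 1000)
    return MAGIC + struct.pack("!IQ", seq, ms)

def parse_probe(data):
    """Return (seq, sent_ms), or None if the datagram is not one of our probes."""
    if len(data) != len(MAGIC) + 12 or not data.startswith(MAGIC):
        return None
    return struct.unpack("!IQ", data[len(MAGIC):])

def make_sender(ttl=2):
    # Linux defaults multicast TTL to 1, which a router will not forward.
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.IPPROTO_IP, socket.IP_MULTICAST_TTL, ttl)
    return s

def make_receiver(group=GROUP, port=PORT):
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    s.bind(("", port))
    mreq = socket.inet_aton(group) + socket.inet_aton("0.0.0.0")  # kernel picks the NIC
    s.setsockopt(socket.IPPROTO_IP, socket.IP_ADD_MEMBERSHIP, mreq)
    return s

def main(argv):
    if argv[1:] == ["send"]:          # run on A
        s = make_sender()
        for seq in range(5):
            s.sendto(build_probe(seq), (GROUP, PORT))
            time.sleep(1)
    elif argv[1:] == ["recv"]:        # run on C
        s = make_receiver()
        while True:
            data, addr = s.recvfrom(64)
            if (probe := parse_probe(data)) is not None:
                print(f"seq={probe[0]} sent_ms={probe[1]} from {addr[0]}")
    else:
        print("usage: mcprobe.py send|recv")

if __name__ == "__main__":
    main(sys.argv)
```

Running tcpdump on B's sending interface while the sender runs shows whether the probe left B at all, independent of what C reports.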