LinuxQuestions.org
Visit Jeremy's Blog.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Networking
User Name
Password
Linux - Networking This forum is for any issue related to networks or networking.
Routing, network cards, OSI, etc. Anything is fair game.

Notices


Reply
  Search this Thread
Old 08-24-2014, 01:56 PM   #1
kikilinux
Member
 
Registered: Sep 2012
Posts: 126

Rep: Reputation: Disabled
change destination ip address to broadcast address by iptables


I want to change the destination IP address of the packets that I received.
I want to know if a solution exists by iptables to change the destination IP address of the packets to a broadcast address?
Assume I have a linux box with 2 network interfaces(eth0 and eth1) which works as a firewall.
I want to change the destination IP address of the receiving packets from eth0 to a broadcast address onto the eth1.
Is it possible to perform something like this ?
Can I perform that by Netfilter Loadable kernel Module?
Can I perform that by iptables command?
I need to specially perform that with iptables ....
 
Old 08-26-2014, 11:12 AM   #2
Sum1
Member
 
Registered: Jul 2007
Distribution: Fedora, CentOS, and would like to get back to Gentoo
Posts: 332

Rep: Reputation: 30
If I'm understanding the question correctly, I believe it's done via PREROUTING.
This is from section 6.2 of the NAT How-To:

This is done in the PREROUTING chain, just as the packet comes in; this means that anything else on the Linux box itself (routing, packet filtering) will see the packet going to its `real' destination. It also means that the `-i' (incoming interface) option can be used.

Destination NAT is specified using `-j DNAT', and the `--to-destination' option specifies an IP address, a range of IP addresses, and an optional port or range of ports (for UDP and TCP protocols only).

## Change destination addresses to 5.6.7.8
# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to 5.6.7.8

## Change destination addresses to 5.6.7.8, 5.6.7.9 or 5.6.7.10.
# iptables -t nat -A PREROUTING -i eth0 -j DNAT --to 5.6.7.8-5.6.7.10

## Change destination addresses of web traffic to 5.6.7.8, port 8080.
# iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 \
-j DNAT --to 5.6.7.8:8080
 
Old 08-26-2014, 11:32 AM   #3
kikilinux
Member
 
Registered: Sep 2012
Posts: 126

Original Poster
Rep: Reputation: Disabled
Yes i want to DNAT but not to a specific IP address, I want to change destination IP address to a broadcast IP address.
For example the eth0 is on 192.168.0.0/24 network and eth1 is on 192.168.1.0/24.
The packets is coming on eth0 and I want to change IP address of the packets to 192.168.1.255(broadcast address).
Is it possible do that by iptables in NAT prerouting chain ??
 
Old 08-26-2014, 12:50 PM   #4
Sum1
Member
 
Registered: Jul 2007
Distribution: Fedora, CentOS, and would like to get back to Gentoo
Posts: 332

Rep: Reputation: 30
Quote:
Originally Posted by kikilinux View Post
Yes i want to DNAT but not to a specific IP address, I want to change destination IP address to a broadcast IP address.
For example the eth0 is on 192.168.0.0/24 network and eth1 is on 192.168.1.0/24.
The packets is coming on eth0 and I want to change IP address of the packets to 192.168.1.255(broadcast address).
Is it possible do that by iptables in NAT prerouting chain ??
I can't figure out how to edit/convert the ip addresses; I can only see a way to re-direct them to another destination:

Code:
iptables -t nat -A PREROUTING -i $INTERNET_IFACE1 -p tcp -d 192.168.1.0/24 -s 0.0.0.0/0 -j DNAT --to-destination 192.168.1.255
iptables -t nat -A PREROUTING -i $INTERNET_IFACE1 -p udp -d 192.168.1.0/24 -s 0.0.0.0/0 -j DNAT --to-destination 192.168.1.255
Under the "-s" part, you could specify "-s 192.168.0.0/24" but using "0.0.0.0/0" is comprehensive and thus anything coming in on eth0 will route to destination 192.168.1.255.
 
  


Reply

Tags
iptables


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Iptables to change the destination IP address of facebook to google.com shreyasjoshi15@gmail.com Linux - Security 4 03-30-2014 01:18 PM
Iptables / routing to destination address through interface Xeta Linux - Networking 7 05-10-2006 04:17 PM
What can cause a broadcast address change? ca346734 Linux - Networking 2 10-21-2005 05:03 PM
how to get ip address, broadcast address, mac address of a machine sumeshstar Programming 2 03-12-2005 05:33 AM
problem to print source address and destination address jooboo Programming 2 11-26-2003 04:24 PM

LinuxQuestions.org > Forums > Linux Forums > Linux - Networking

All times are GMT -5. The time now is 02:54 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration