Answer the question
In order to leave comments, you need to log in
J
J
jajabin2020-04-26 18:58:38
jajabin, 2020-04-26 18:58:38
How to share connections using iptables?
I have written user space packet processing applications. The scheme of the network is as follows:
Its essence is that I change the packet headers up to level 4. At the moment I have the following rules. Port 4222 service.
#firewall A
iptables -A FORWARD -i ens18.100 -p tcp -m tcp -j NFQUEUE --queue-num 1
iptables -A PREROUTING -t raw -i veth100 -p tcp -m tcp ! --sport 4222 ! --dport 4222 -j NFQUEUE --queue-num 2
#firewall B
iptables -A FORWARD -i ens19.88 -p tcp -m tcp -j NFQUEUE --queue-num 1
iptables -A PREROUTING -t raw -i veth88 -p tcp -m tcp ! --sport 22 ! --dport 22 -j NFQUEUE --queue-num 2But I would like to know how to separate connections and it is possible that the initiated connection from the network 172.16.100.0/24 and the responses from 10.0.88.11/24 go to two queues according to the example above, and the initiated connection from 10.0.88.1/24 goes, for example, to 3 -4 turn.
Similar questions
P
K
R
O
L
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question