Re: Redirecting traffic away from loopback

From: Pascal Hambourg
Date: Thu Dec 04 2008 - 05:55:09 EST

Next message: TOMOYUKI INCORPORATED: "OUR REF:TIT/4631"
Previous message: Christoph Gysin: "strange behavior of 8139too on recent kernels"
In reply to: Nikola KneÅeviÄ: "Redirecting traffic away from loopback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello,

Nikola Knezevic a écrit :

is it possible with iptables to redirect all the traffic to go to the network interface, instead of the loopback?

Note that the loopback /is/ a network interface. Do you mean a physical interface ?

I have two virtual interfaces, eth0:1 (10.0.0.1) and eth0:2 (10.0.0.5).

These are IP aliases, not virtual interfaces.

When a process sends a packet from 10.0.0.1 to 10.0.0.5, I would like to ship that packet to the gateway, which will return the packet back to this machine. Is this possible with iptables?

This is not possible with a standard kernel. Even though it may be possible thanks to some kernel patches (maybe the ROUTE hack from netfilter's patch-o-matic, use at your own risk), you would run into trouble when the packet is received back : the IP stack discards packets with a local source addresse received on a non-loopback interface.

Also, can I do the same thing now just for IP, but for ICMP?

Huh ? What do you mean ?

--
To unsubscribe from this list: send the line "unsubscribe linux-net" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html

Next message: TOMOYUKI INCORPORATED: "OUR REF:TIT/4631"
Previous message: Christoph Gysin: "strange behavior of 8139too on recent kernels"
In reply to: Nikola KneÅeviÄ: "Redirecting traffic away from loopback"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]