[LARTC] Re: iptables rule not matching after stream begins
Bob Beers
bob.beers at gmail.com
Tue Nov 21 01:46:00 CET 2006
Trying again, after re-subscribing:
On 11/20/06, Bob Beers <bob.beers at gmail.com> wrote:
> Hello,
>
> I want to dynamically create DNAT rules for
> RTP streams (port-mapping for a SIP proxy).
>
> If my proxy adds the rule before the first packet
> of the RTP stream hits the port, all is well. But, if
> the stream begins arriving before my rule is in
> place, it never matches. I cannot always be
> sure that the info for setting up the rule
> arrives sufficiently ahead of the stream.
>
> I suspect if there is a simple resolution to my
> problem. Does anyone else see this behavior,
> and will share with me the solution?
>
> Apologies if there is a better place to seek an
> answer to this question, please redirect me as
> necessary.
>
> I am using kernel 2.6.15.4, and iptables 1.3.3.
>
> My rules are similar to this:
> iptables -I PREROUTING -t nat -p UDP \
>     -d <public_ip> --dport <public_port> \
>     -j DNAT --to-destination <private_ip:port>
> iptables -I FORWARD -p UDP \
>     -d <private_ip> --dport <private_port>
>
--
-Bob
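
Background to the behaviour described in this message, as an added example that is not part of the original post: netfilter consults the nat table only for the first packet of a tracked connection, so a UDP flow that conntrack already knows keeps its un-NATed mapping and ignores a DNAT rule added afterwards. The sketch below installs the rules and then deletes the stale entry. It assumes conntrack(8) from conntrack-tools is installed; `map_rtp`, `RUN`, the `-j ACCEPT` target and the sample addresses are hypothetical.

```shell
#!/bin/sh
# Added example, not code from the original post.
# RUN=echo (the default) only prints the commands; RUN= (empty) executes them (root).
RUN=${RUN-echo}

# Ports and addresses come from SIP/SDP signalling, i.e. from the remote side,
# so validate them strictly before they reach a root command line.
is_port() {
    case "$1" in ''|*[!0-9]*) return 1 ;; esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

is_ipv4() {
    case "$1" in *[!0-9.]*|*..*|.*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ "${#o}" -le 3 ] && [ "$o" -le 255 ] || return 1
    done
}

# map_rtp <public_ip> <public_port> <private_ip> <private_port>
map_rtp() {
    is_ipv4 "$1" && is_port "$2" && is_ipv4 "$3" && is_port "$4" || {
        echo "map_rtp: invalid address or port" >&2
        return 2
    }
    # 1. The DNAT rule from the post.
    $RUN iptables -t nat -I PREROUTING -p udp -d "$1" --dport "$2" \
        -j DNAT --to-destination "$3:$4" || return 1
    # The post's FORWARD rule shows no target; ACCEPT is assumed here.
    $RUN iptables -I FORWARD -p udp -d "$3" --dport "$4" -j ACCEPT || return 1
    # 2. Drop any conntrack entry created by packets that arrived before the
    #    rule existed, so the next packet is NEW again and traverses the nat
    #    table. conntrack exits non-zero when nothing matched, which is fine.
    $RUN conntrack -D -p udp --orig-dst "$1" --dport "$2" || true
}
```

Called as `map_rtp 203.0.113.10 40000 192.168.1.20 8000` (constructed values), it prints the three commands in the order they must run.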