xen-devel

[Top] [All Lists]

Re: [Xen-devel] iptables nat redirect

from [Keir Fraser]

[Permanent Link][Original]

To:	Jeff Clark <jeff@xxxxxxxxxxxxx>
Subject:	Re: [Xen-devel] iptables nat redirect
From:	Keir Fraser <Keir.Fraser@xxxxxxxxxxxx>
Date:	Mon, 13 Oct 2003 20:26:59 +0100
Cc:	xen-devel@xxxxxxxxxxxxxxxxxxxxx
Delivery-date:	Mon, 13 Oct 2003 20:28:19 +0100
Envelope-to:	steven.hand@xxxxxxxxxxxx
In-reply-to:	Your message of "Mon, 13 Oct 2003 12:04:57 PDT." <3F8AF759.3020203@xxxxxxxxxxxxx>
List-archive:	<http://sourceforge.net/mailarchive/forum.php?forum=xen-devel>
List-help:	<mailto:xen-devel-request@lists.sourceforge.net?subject=help>
List-id:	List for Xen developers <xen-devel.lists.sourceforge.net>
List-post:	<mailto:xen-devel@lists.sourceforge.net>
List-subscribe:	<https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=subscribe>
List-unsubscribe:	<https://lists.sourceforge.net/lists/listinfo/xen-devel>, <mailto:xen-devel-request@lists.sourceforge.net?subject=unsubscribe>
Sender:	xen-devel-admin@xxxxxxxxxxxxxxxxxxxxx

> I'm trying to do a nat redirect (traffic redirected from a router, not 
> originally for the machine).  I can see the network traffic, but the 
> iptable rules do not appear to do anything.  Is this possible on a 
> virtual domain, and if not what needs to be done?

This should work okay from domain 0. Domain 0 is allowed to send any
packet to the physical network. Also, packets that match no other rule
are forwarded to domain 0.

iptables -L -v 

and 

iptables -tnat -L -v

may help --- they tell you how many packets have matched each iptables
rule. You might therefore be able to work out whether packets are
reaching domain 0 and, if so, where they are getting misdirected.

 -- Keir


-------------------------------------------------------
This SF.net email is sponsored by: SF.net Giveback Program.
SourceForge.net hosts over 70,000 Open Source Projects.
See the people who have HELPED US provide better services:
Click here: http://sourceforge.net/supporters.php
_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.sourceforge.net/lists/listinfo/xen-devel

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[Xen-devel] iptables nat redirect, Jeff Clark Re: [Xen-devel] iptables nat redirect, Keir Fraser <= Re: [Xen-devel] iptables nat redirect, Jeff Clark Re: [Xen-devel] iptables nat redirect, Ian Pratt Re: [Xen-devel] iptables nat redirect, Jeff Clark

Previous by Date:	[Xen-devel] Re: Faulty bk checkin ! ;-), Keir Fraser
Next by Date:	Re: [Xen-devel] iptables nat redirect, Jeff Clark
Previous by Thread:	[Xen-devel] iptables nat redirect, Jeff Clark
Next by Thread:	Re: [Xen-devel] iptables nat redirect, Jeff Clark
Indexes:	[Date] [Thread] [Top] [All Lists]