WARNING - OLD ARCHIVES

This is an archived copy of the Xen.org mailing list, which we have preserved to ensure that existing links to archives are not broken. The live archive, which contains the latest emails, can be found at http://lists.xen.org/
   
 
 
Xen 		  
Home Products Support Community News
 
   
 

xen-devel

[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

[Xen-devel] How to redirect domU port to dom0 with nat

from [Wensheng Wang] [Permanent Link][Original]
To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] How to redirect domU port to dom0 with nat
From: Wensheng Wang <wenshengwang@xxxxxxxxx>
Date: Mon, 26 Dec 2005 00:45:57 -0600
Delivery-date: Mon, 26 Dec 2005 06:49:40 +0000
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=mjxl4wdpSOcm56VwHDHKQK8hvV8Zci03SzduNdrx1WWZ/XgJmSwxf2rCSzmHKcrRkU7aTjcFIH3ph9DyG8ZYkMDX7rKH86UvM8QwZoqAGCx6ejM1i4oh3wSISW6zYZuPGtTMRYzk6/4hYxVlXLTz74tb3hi/i9Rw5lzN6szuZNo=
Envelope-to: www-data@xxxxxxxxxxxxxxxxxxx
List-help: <mailto:xen-devel-request@lists.xensource.com?subject=help>
List-id: Xen developer discussion <xen-devel.lists.xensource.com>
List-post: <mailto:xen-devel@lists.xensource.com>
List-subscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=subscribe>
List-unsubscribe: <http://lists.xensource.com/cgi-bin/mailman/listinfo/xen-devel>, <mailto:xen-devel-request@lists.xensource.com?subject=unsubscribe>
Sender: xen-devel-bounces@xxxxxxxxxxxxxxxxxxx 
I want to intercept traffic toward a domU port from dom0 and redirect
it to a dom0 port.
It used to work with a simple nat rule in the early xen3.0 (from more
than half year ago)
Like this:
5.6.7.9 is domU ip, 5.6.7.8 is dom0 ip, for example.
iptables -t nat -A PREROUTING -p tcp -d 5.6.7.9 --dport 3333 -j DNAT
--to 5.6.7.8:80


I want to do this so when a person request http://5.6.7.9:3333, he get
response from 5.6.7.8 dom0 web server.

But now it doesn't work.

I use current xen 3.0, default network(use xenbr0).  I have
/proc/sys/net/ipv4/ip_forward set to 1.  direct request of
http://5.6.7.8/ works.

"iptables -nvL -t nat" in dom0 shows 0 pkts for chain prerouting.
tcpdump in domU show pkts get through instead of be intercepted by dom0.

I tried "iptables -t raw -A PREROUTING -i xenbr0 -j NOTRACK" after
recompiling kernel modules, still to no avail.

What can I do to get it work?

Thank you.

Wensheng Wang

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxxxxxxxx
http://lists.xensource.com/xen-devel
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  [Xen-devel] setting breakpoints around hypercalls in a domU causes dom0 to lockup, Kip Macy
Next by Date:  [Xen-devel] [PATCH] Prevent vbd frontend from oopsing if the underlying device doesn't exist, Horms
Previous by Thread:  [Xen-devel] setting breakpoints around hypercalls in a domU causes dom0 to lockup, Kip Macy
Next by Thread:  Re: [Xen-devel] How to redirect domU port to dom0 with nat, Keir Fraser
Indexes:  [Date] [Thread] [Top] [All Lists]
 
   

Copyright , Citrix Systems Inc. All rights reserved. Legal and Privacy