IPv4 NAT UDP Traversal issue
in [Kernel]
|
Prev: [PATCH] cxgb3: fix linkup issue
Next: [PATCH 3/4] writeback: pay attention to wbc->nr_to_write in write_cache_pages
From: 飞颜 on 19 Apr 2010 22:00 Dear all, I have a question about Linux NAT, our Product is ADSL Router(Linux Version is 2.6.22.15), and Now our customers requirment is below: IPv4 Nat: UDP Traversal through NAT, must support STUN (RFC3489) the four ways: Full Cone��Restricted Cone��Port Restricted Cone and Symmetric As I known, netfilter IPv4 NAT is belonged to Symmetric type. and if want UDP Traversal through NAT, NAT Device can not be Port Restricted Cone and Symmetric type if the other is Symmetric type. So my question is: Can iptable set the UDP NAT converted to Full Cone or Restricted Cone type? we now set NAT use iptables below�� Chain POSTROUTING (policy ACCEPT) target prot opt source destination MASQUERADE all -- anywhere anywhere Thanks very much! BR, win847 -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
From: ratheesh k on 19 Apr 2010 23:10
2010/4/20 ���� <win847(a)gmail.com>: > Dear all, > > I have a question about Linux NAT, our Product is ADSL > Router(Linux Version is 2.6.22.15), and Now our customers requirment > is below: > > IPv4 Nat: UDP Traversal through NAT, must support STUN > (RFC3489) the four ways: Full Cone��Restricted Cone��Port Restricted > Cone and Symmetric > > As I known, netfilter IPv4 NAT is belonged to Symmetric type. > and if want UDP Traversal through NAT, NAT Device can not be Port > Restricted Cone and Symmetric type if the other is Symmetric type. > > So my question is: Can iptable set the UDP NAT converted to > Full Cone or Restricted Cone type? > > we now set NAT use iptables below�� > > Chain POSTROUTING (policy ACCEPT) > target prot opt source destination > MASQUERADE all -- anywhere anywhere > > Thanks very much! > > BR, > win847 > -- > To unsubscribe from this list: send the line "unsubscribe linux-kernel" in > the body of a message to majordomo(a)vger.kernel.org > More majordomo info at http://vger.kernel.org/majordomo-info.html > Please read the FAQ at http://www.tux.org/lkml/ > There is a dedicated mailing list for netfilter . netfilter-users -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo(a)vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/ |