The HyperNews Linux KHG Discussion Pages

Question: Can one tell the kernel to add a demasquerading rule? (and sorry about previous triplicate)

Forum: The Linux Kernel Hackers' Guide
Keywords: SYN firewall transparent proxy raw socket
Date: Wed, 15 Jul 1998 06:23:55 GMT
From: Wesley Terpstra <terpstra@unixg.ubc.ca>

In a UDP proxy I need to be able to resend a UDP packet I received from a client machine to the world and have it re-enter the trusted network via kernel demasquerading. I would, of course, setup a firewall rule to masquerade the UDP packet but I need to run some checks on it in user space before I let it through.

What I have right now is:
	- I receive the UDP packets from the transparent proxy rules
	- I test it and resend it to the world (spoofed as though it came from the sender to the destination)
	- The kernel does something to the packet and I don't get a reply.

Should I not send it as though from the host, but from the name the kernel provides when I tell it to add a demasquerading rule? And how do I make it add one.

Thanks alot; I have no idea where to begin.