Redirect persnickety IP addresses

Journal started Jul 25, 2006


I told my crap Belkin home DSL router to route all packets from port 80 to this computer here I'm typing from. From anywhere on the Internet this is true. It routes the connections to the right computer, and you see my journal page like this all nice. However, this computer is not connected by the same plug as the Internet, nor is the other computer on the LAN I maintain. Those two are plugged in separate locations, and that allows the router to send stuff to one or the other, which is nice. What is not nice is, when anything sends a packet to my IP address at 63.197.122.98, through a plug that is not the Internet plug, it sends the packet to itself, and not to my computer back here like it should. There is no way to override this. So when you go to synx.us.to, you get my journal here. When I go to synx.us.to, I get my router's web-based configuration interface. The same IP address, the same port, different destinations. Are the people at Belkin retarded, or just lazy? I want my $60 worth!

However, there is hope. In Linux at least. I haven't a clue how to use BSD packet filtering. In Linux though, I've discovered a solution. Let's say you want all packets leaving your machine going to a certain IP address, to instead go to another IP address and be routed that way. In my case, I want all packets that originate on my machine, destined for 63.197.122.98 to instead go to 127.0.0.1 and thereby never even touch my crap Belkin router in the first place. Here's how I did it:

# modprobe iptable_nat # It must be done using the NAT table AFAIK
# iptables -t nat -A OUTPUT -p tcp --dst 63.197.122.98 -j DNAT --to-destination 127.0.0.1

If you want to send address 23.34.45.56 to 12.23.23.34, or as a joke you want to route 207.46.0.0/16 to 204.152.189.132, you replace 63.197.122.98 and 127.0.0.1 correspondingly.

This works for packets originating on the router. I don't know what happens to the packets that originate elsewhere that just pass through the router. I don't have any money to buy a Linux router, which is why I'm using my crap Belkin one, so I can only test endpoints. I suspect packets passing through would never touch the OUTPUT chain at all, instead passing along through FORWARD. In theory all packets that touch the machine pass through PREROUTING before anything else, but when I tried using PREROUTING instead of OUTPUT, it didn't work. Nevertheless, if you use my above technique with PREROUTING it should affect packets your router is forwarding, but not packets that originate from it. I can't verify that, but it makes sense sorta.
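The same OUTPUT-chain DNAT rule, wrapped so it can be applied and removed repeatedly without stacking duplicates (running -A twice adds the rule twice). This is an added example, not the author's script; the function names and the IPT override variable are assumptions made for illustration.

```shell
# Added example, not the author's script. IPT is an assumed override hook so
# the logic can be exercised with a stub instead of the real iptables binary.
IPT="${IPT:-iptables}"

# Accept a dotted-quad IPv4 address, optionally with a /prefix (207.46.0.0/16).
valid_ipv4() {
    addr=${1%%/*}
    case "$1" in */*)
        pfx=${1#*/}
        case "$pfx" in ''|*[!0-9]*) return 1 ;; esac
        [ "$pfx" -le 32 ] || return 1 ;;
    esac
    case "$addr" in ''|*[!0-9.]*|*.) return 1 ;; esac
    old_ifs=$IFS; IFS=.
    set -- $addr                      # split on dots into $1..$n
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for octet in "$@"; do
        [ -n "$octet" ] && [ "${#octet}" -le 3 ] && [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# Rule body from the page: locally generated TCP to $1 is rewritten to $2.
rule_spec() {
    printf '%s' "OUTPUT -p tcp --dst $1 -j DNAT --to-destination $2"
}

# Append the rule only if an identical one is not already present (-C).
apply_redirect() {
    valid_ipv4 "$1" || { echo "bad match address: $1" >&2; return 2; }
    case "$2" in */*) echo "DNAT target must be one address" >&2; return 2 ;; esac
    valid_ipv4 "$2" || { echo "bad target address: $2" >&2; return 2; }
    $IPT -t nat -C $(rule_spec "$1" "$2") 2>/dev/null && return 0
    $IPT -t nat -A $(rule_spec "$1" "$2")
}

# Delete every copy of the rule, including duplicates left by repeated -A.
remove_redirect() {
    valid_ipv4 "$1" && valid_ipv4 "$2" || return 2
    while $IPT -t nat -C $(rule_spec "$1" "$2") 2>/dev/null; do
        $IPT -t nat -D $(rule_spec "$1" "$2") || return 1
    done
}

case "${1:-}" in
    apply)  apply_redirect "$2" "$3" && $IPT -t nat -L OUTPUT -n -v ;;
    remove) remove_redirect "$2" "$3" ;;
esac
```

Run as root with `apply 63.197.122.98 127.0.0.1` or `remove 63.197.122.98 127.0.0.1`; a rule added this way lasts only until the next reboot or NAT table flush.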



(cc) some rights reserved