[CentOS] iptable rule for bypassing netfilter queue for a matching address.‏

2012-01-14 Thread Arif Tuhin
I have two iptable rules for userspace modification : 

iptable -t mangle -A PREROUTING -p udp --dport 9090 -j NFQUEUE 
iptable -t mangle -A OUTPUT -p udp --sport 9090 -j NFQUEUE 

I have the following network setup: 

client Linux Box or router-server. What 
i'm trying to achieve is modifying all packets which comes from client to 9090 
port of the Linux Box. Also which packets will go from Linux Box to client. I 
do not want to manipulate both from or to the server. 

So the rules i need will work like this: 

If packet comes from client to port 9090 i will modify it. Now the router opens 
symmetric port when it communicates with the server. That means it opens 9090 
port when it communicates with the server and hence get modified by the second 
rule(--sport 9090). I want to avoid this. 

The rules will be like this: 

1.If packet comes from a specific ip block i will accept it. then i will queue 
the remaining packets based on the destination port it comes to. 
2.If packet goes to a specific ip block i will forward it. I will queue the 
remaining packets based on the source port information. 

Thanks in advance.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos


[CentOS] Building REDHAT Desktop Virtualization Solution With Centos

2012-01-11 Thread Arif Tuhin

Redhat offers a desktop virtualization solution using kvm,qemu,libvirt and 
spice which is directed at centralized server hosting virtual desktops and 
thin clients connecting to it.

All the relevant software are open source. So it should be possible to achieve 
the same feat with CentOS. Anyone know any complete tutorial regarding this? 

I've found separate tutorials regarding spice, kvm etc. But a complete tutorial 
describing how to emulate the Redhat virtualization for Desktops will be very 
handy.

Thanks in advance.
___
CentOS mailing list
CentOS@centos.org
http://lists.centos.org/mailman/listinfo/centos