Hello,

An application (steam) uses WAN interface to send broadcasts. I set up network namespaces so that steam does not see WAN interface:

    ip netns add steam
    ip link add veth0 type veth peer name veth1
    brctl addif br1 veth1
    ip link set veth0 netns steam
    ip netns exec steam ip link set dev veth0 up
    ip link set dev veth1 up
    ip netns exec steam ip link set lo up
    ip netns exec steam ip addr add 192.168.1.11/24 broadcast 192.168.1.255 dev veth0
    ip netns exec steam ip route add default via 192.168.1.10

Before using namespaces steam sent broadcast packets via WAN interface:

    23596 73.037108 5.20.215.xx -> 5.20.215.255 UDP 135 Source port: 27036 Destination port: 27036

Now it sends via LAN, but to the wrong broadcast address:

    252 3.250078 192.168.1.11 -> 5.20.215.255 UDP 136 Source port: 27036 Destination port: 27036

It should send broadcasts to 192.168.1.255 and not 5.20.215.255. I don't know how steam knows my WAN broadcast address if I use namespaces.

A question - is it possible to redirect broadcast destined to 5.20.215.255 to 192.168.1.255? I quickly tried to use the following rule unsuccessfully:

    DNAT loc loc:192.168.1.255 udp 27036 27036 5.20.215.255

Regards,
Nerijus
