[Xen-devel] How to redirect domU port to dom0 with nat

To: xen-devel@xxxxxxxxxxxxxxxxxxx
Subject: [Xen-devel] How to redirect domU port to dom0 with nat
From: Wensheng Wang <wenshengwang@xxxxxxxxx>
Date: Mon, 26 Dec 2005 00:45:57 -0600
I want to intercept traffic toward a domU port from dom0 and redirect
it to a dom0 port.
It used to work with a simple NAT rule in the early Xen 3.0 (from more
than half a year ago).
Like this:
5.6.7.9 is the domU IP, 5.6.7.8 is the dom0 IP, for example.
iptables -t nat -A PREROUTING -p tcp -d 5.6.7.9 --dport 3333 -j DNAT --to 5.6.7.8:80


I want to do this so that when a person requests http://5.6.7.9:3333, he gets
a response from the 5.6.7.8 dom0 web server.

But now it doesn't work.

I use the current Xen 3.0 with the default network (using xenbr0).  I have
/proc/sys/net/ipv4/ip_forward set to 1.  A direct request to
http://5.6.7.8/ works.

"iptables -nvL -t nat" in dom0 shows 0 pkts for the PREROUTING chain.
tcpdump in domU shows packets getting through instead of being intercepted by dom0.

I tried "iptables -t raw -A PREROUTING -i xenbr0 -j NOTRACK" after
recompiling kernel modules, still to no avail.

What can I do to get it to work?

Thank you.

Wensheng Wang
