Redirecting incoming UDP traffic to a local IP address (iptables?)

tcpdump works as expected on my machine.

tcpdump -i enx00e04c04009e -Uw - | tcpdump -en -r - vlan 201
17:52:51.447340 04:01:30:00:00:16 > 03:00:03:00:04:00, ethertype 802.1Q (0x8100), length 66: vlan 201, p 0, ethertype IPv4 (0x0800), 192.16.4.47.2013 > 192.16.4.6.5007: UDP, length 20

In my setup I have a VLAN interface eth1.201 with IP 192.16.4.10 (probably not very relevant), and no interface is assigned 192.16.4.6, so the original traffic was aimed at another machine.

I want to reassign the destination IP of the UDP packets above: instead of targeting 192.16.4.6, I want them to go to a local address, 192.16.4.10.

I have been struggling with iptables without success; for example, the attempt below has no effect at all:

/usr/sbin/iptables-legacy  -t nat -A PREROUTING -p udp -i eth1.201 -d 192.16.4.6 -j DNAT --to-destination 192.16.4.10

Presumably this is trivial for the right brain.

Edit: added information as requested by @AB

The setup is very simple.

RaspberryPI_player

sudo tcpreplay -x 0.01 --loop=0 --intf1=eth1 Wireshark_bidirectional_data.pcap

RaspberryPI_target_my_machine

Starting from vanilla, this is what I did:

sudo ip link add link eth1 name eth1.201 type vlan id 201
sudo ip addr add 192.16.4.10/32 dev eth1.201 
sudo ip link set dev eth1.201 up
/usr/sbin/iptables-legacy  -t nat -A PREROUTING -p udp -i eth1.201 -d 192.16.4.6 -j DNAT --to-destination 192.16.4.10
ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
    link/ether e4:5f:01:95:ff:d5 brd ff:ff:ff:ff:ff:ff
3: enx00e04c04009e: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether 00:e0:4c:04:00:9e brd ff:ff:ff:ff:ff:ff
4: wlan0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
    link/ether e4:5f:01:95:ff:d7 brd ff:ff:ff:ff:ff:ff
5: vcan0: <NOARP,UP,LOWER_UP> mtu 72 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/can
6: vcan1: <NOARP,UP,LOWER_UP> mtu 72 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/can
7: vcan2: <NOARP,UP,LOWER_UP> mtu 72 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/can
8: vcan3: <NOARP,UP,LOWER_UP> mtu 72 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
    link/can
9: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
    link/ether 02:42:cf:b8:3b:8a brd ff:ff:ff:ff:ff:ff
10: br-b54950de0d83: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default
    link/ether 02:42:ff:74:1e:e6 brd ff:ff:ff:ff:ff:ff
13: eth1.201@enx00e04c04009e: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP mode DEFAULT group default qlen 1000
    link/ether XX:XX:XX:XX:XX:XX brd ff:ff:ff:ff:ff:ff
$ ip -br address
lo               UNKNOWN        127.0.0.1/8 ::1/128
eth0             UP             192.168.2.161/24 fe80::26c0:e9dc:d0f1:1185/64
enx00e04c04009e  UP             192.168.12.4/24 fe80::1a3b:6f20:dd33:46d0/64
wlan0            UP             192.168.4.1/24 fe80::9fe9:511d:8f32:6e13/64
vcan0            UNKNOWN
vcan1            UNKNOWN
vcan2            UNKNOWN
vcan3            UNKNOWN
docker0          DOWN           172.17.0.1/16
br-b54950de0d83  DOWN           172.18.0.1/16 fe80::42:ffff:fe74:1ee6/64
eth1.201@enx00e04c04009e UP             198.16.4.10/32 169.254.224.254/16 fe80::d2e5:5567:4976:2ac9/64
$ ip rule
0:      from all lookup local
32766:  from all lookup main
32767:  from all lookup default
$ ip -4 neigh
192.168.12.11 dev enx00e04c04009e lladdr 00:e0:4c:03:00:f3 STALE
192.168.2.253 dev eth0 lladdr b8:27:eb:ae:6e:89 REACHABLE
192.16.4.47 dev eth1.201 lladdr 02:00:00:00:00:16 STALE
192.168.2.1 dev eth0 lladdr 70:8b:cd:87:cd:98 STALE
$ sudo /usr/sbin/iptables-legacy-save -c
# Generated by iptables-save v1.8.7 on Wed May 24 15:22:35 2023
*filter
:INPUT ACCEPT [920:79203]
:FORWARD ACCEPT [1412:89632]
:OUTPUT ACCEPT [572:84568]
[0:0] -A FORWARD -s 192.16.4.6/32 -d 192.16.4.10/32 -j ACCEPT
[0:0] -A FORWARD -s 192.16.4.6/32 -d 192.16.4.10/32 -j ACCEPT
COMMIT
# Completed on Wed May 24 15:22:35 2023
# Generated by iptables-save v1.8.7 on Wed May 24 15:22:35 2023
*nat
:PREROUTING ACCEPT [20:3564]
:INPUT ACCEPT [11:2780]
:OUTPUT ACCEPT [2:142]
:POSTROUTING ACCEPT [2:142]
[0:0] -A PREROUTING -d 192.16.4.6/32 -i eth1.201 -p udp -j DNAT --to-destination 192.16.4.10
COMMIT
# Completed on Wed May 24 15:22:35 2023

I haven't done anything with iptables (only legacy), but I added the output anyway.

$ sudo /usr/sbin/iptables-nft-save -c
# Generated by iptables-nft-save v1.8.7 on Wed May 24 15:13:19 2023
*filter
:INPUT ACCEPT [0:0]
:FORWARD DROP [23660:1503520]
:OUTPUT ACCEPT [0:0]
:DOCKER - [0:0]
:DOCKER-ISOLATION-STAGE-1 - [0:0]
:DOCKER-ISOLATION-STAGE-2 - [0:0]
:DOCKER-USER - [0:0]
[23660:1503520] -A FORWARD -j DOCKER-USER
[23660:1503520] -A FORWARD -j DOCKER-ISOLATION-STAGE-1
[0:0] -A FORWARD -o docker0 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[0:0] -A FORWARD -o docker0 -j DOCKER
[0:0] -A FORWARD -i docker0 ! -o docker0 -j ACCEPT
[0:0] -A FORWARD -i docker0 -o docker0 -j ACCEPT
[0:0] -A FORWARD -o br-b54950de0d83 -m conntrack --ctstate RELATED,ESTABLISHED -j ACCEPT
[0:0] -A FORWARD -o br-b54950de0d83 -j DOCKER
[0:0] -A FORWARD -i br-b54950de0d83 ! -o br-b54950de0d83 -j ACCEPT
[0:0] -A FORWARD -i br-b54950de0d83 -o br-b54950de0d83 -j ACCEPT
[0:0] -A DOCKER-ISOLATION-STAGE-1 -i docker0 ! -o docker0 -j DOCKER-ISOLATION-STAGE-2
[0:0] -A DOCKER-ISOLATION-STAGE-1 -i br-b54950de0d83 ! -o br-b54950de0d83 -j DOCKER-ISOLATION-STAGE-2
[23660:1503520] -A DOCKER-ISOLATION-STAGE-1 -j RETURN
[0:0] -A DOCKER-ISOLATION-STAGE-2 -o docker0 -j DROP
[0:0] -A DOCKER-ISOLATION-STAGE-2 -o br-b54950de0d83 -j DROP
[0:0] -A DOCKER-ISOLATION-STAGE-2 -j RETURN
[23660:1503520] -A DOCKER-USER -j RETURN
COMMIT
# Completed on Wed May 24 15:13:19 2023
# Generated by iptables-nft-save v1.8.7 on Wed May 24 15:13:19 2023
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:DOCKER - [0:0]
[5:476] -A PREROUTING -m addrtype --dst-type LOCAL -j DOCKER
[0:0] -A OUTPUT ! -d 127.0.0.0/8 -m addrtype --dst-type LOCAL -j DOCKER
[0:0] -A POSTROUTING -s 172.17.0.0/16 ! -o docker0 -j MASQUERADE
[0:0] -A POSTROUTING -s 172.18.0.0/16 ! -o br-b54950de0d83 -j MASQUERADE
[0:0] -A DOCKER -i docker0 -j RETURN
[0:0] -A DOCKER -i br-b54950de0d83 -j RETURN
COMMIT
# Completed on Wed May 24 15:13:19 2023
# Warning: iptables-legacy tables present, use iptables-legacy-save to see them

Yes, there is some confusion above; fingers crossed I didn't mess up too much.
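The `-c` counters in the saved rulesets above are the quickest way to see whether a rule ever saw a packet. The following added example (not part of the post) parses `iptables-save -c` style output and reports rules whose own counter is still [0:0] while the chain's policy counter shows traffic did fall through that chain; the embedded sample is a constructed excerpt modelled on the legacy output in the post.

```python
import re
from typing import Dict, List

# Constructed sample, modelled on the `iptables-legacy-save -c` output in the post
# (only the filter/nat tables and the rules that matter are kept).
SAMPLE_SAVE = """\
*filter
:INPUT ACCEPT [920:79203]
:FORWARD ACCEPT [1412:89632]
:OUTPUT ACCEPT [572:84568]
[0:0] -A FORWARD -s 192.16.4.6/32 -d 192.16.4.10/32 -j ACCEPT
COMMIT
*nat
:PREROUTING ACCEPT [20:3564]
:INPUT ACCEPT [11:2780]
:OUTPUT ACCEPT [2:142]
:POSTROUTING ACCEPT [2:142]
[0:0] -A PREROUTING -d 192.16.4.6/32 -i eth1.201 -p udp -j DNAT --to-destination 192.16.4.10
COMMIT
"""

POLICY_RE = re.compile(r"^:(\S+) (\S+) \[(\d+):(\d+)\]$")
RULE_RE = re.compile(r"^\[(\d+):(\d+)\] -A (\S+) (.*)$")


def parse_save(text: str) -> List[Dict]:
    """Turn `iptables-save -c` text into rule records carrying the table, chain,
    the rule's own packet counter and the chain policy's packet counter."""
    table, policy_pkts, rules = None, {}, []
    for line in text.splitlines():
        if line.startswith("*"):
            table, policy_pkts = line[1:], {}
        elif m := POLICY_RE.match(line):
            # ':CHAIN POLICY [pkts:bytes]' counts packets that reached the chain's
            # end without a terminating match, i.e. traffic that traversed the chain.
            policy_pkts[m.group(1)] = int(m.group(3))
        elif m := RULE_RE.match(line):
            pkts, _bytes, chain, spec = m.groups()
            rules.append({"table": table, "chain": chain, "pkts": int(pkts),
                          "chain_fallthrough": policy_pkts.get(chain, 0), "rule": spec})
    return rules


def never_matched(text: str) -> List[Dict]:
    """Rules with zero hits in a chain that demonstrably carried traffic: the
    packets arrived, so the rule's match criteria (-i, -d, -p, ...) are what to revisit."""
    return [r for r in parse_save(text) if r["pkts"] == 0 and r["chain_fallthrough"] > 0]


if __name__ == "__main__":
    for r in never_matched(SAMPLE_SAVE):
        print(f"{r['table']}/{r['chain']}: {r['chain_fallthrough']} pkt(s) traversed, "
              f"0 matched: {r['rule']}")
```

Feed it the real output with `sudo iptables-legacy-save -c | python3 counters.py` after turning the `__main__` block into a `sys.stdin.read()` call; a DNAT rule that stays at [0:0] while PREROUTING's counter climbs has simply never matched the packets tcpdump shows.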
