iptables question

I'd like to ask: besides using the port,
what other ways are there for iptables to tell whether some traffic is VNC traffic?
[isp]-->[server:running proxy, port=443]--->[pc1:running vnc, port=443]
↓in server↓
if (traffic is vnc) nat to pc1
else accept

Google "vnc tcp port"


You can try layer 7 filter but you need to patch the kernel.

Anyway, not sure what software you will be using for your proxy server and why port 443.
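
Added example, not part of the thread or of the l7-filter project: a minimal Python sketch of what layer-7 classification means here, labelling a TCP stream by its first payload bytes instead of its port. The function name and the sample payloads are constructed for illustration; the RFB banner format, TLS record header and HTTP method prefixes are the protocols' own.

```python
import re

# RFB (the protocol VNC speaks) opens with a 12-byte ProtocolVersion
# message such as b"RFB 003.008\n": the server sends it, the client echoes it.
RFB_VERSION = re.compile(rb"RFB \d{3}\.\d{3}\n")
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ",
                b"OPTIONS ", b"CONNECT ", b"PATCH ", b"TRACE ")


def classify_first_bytes(payload: bytes) -> str:
    """Label a TCP stream from the first payload bytes seen in one direction."""
    if len(payload) >= 12 and RFB_VERSION.fullmatch(payload[:12]):
        return "vnc"
    # TLS record header: type 0x16 (handshake), version major 0x03,
    # 2-byte length, then handshake type 0x01 (ClientHello) at offset 5.
    if (len(payload) >= 6 and payload[0] == 0x16
            and payload[1] == 0x03 and payload[5] == 0x01):
        return "tls"
    if payload.startswith(HTTP_METHODS):
        return "http"
    return "unknown"


# Constructed sample payloads (not captured traffic).
SAMPLES = {
    "rfb banner": b"RFB 003.008\n",
    "tls hello": bytes.fromhex("160301020001000001fc0303") + b"\x00" * 32,
    "http connect": b"CONNECT example.com:443 HTTP/1.1\r\n\r\n",
    "empty": b"",
}


def classify_samples() -> dict:
    """Classify every constructed sample and return name -> label."""
    return {name: classify_first_bytes(data) for name, data in SAMPLES.items()}


if __name__ == "__main__":
    for name, label in classify_samples().items():
        print(f"{name:14} -> {label}")
```

In RFB the server speaks first, so a classifier that only sees client-to-server bytes gets nothing to match until the server's banner has already been sent; a monitor that sees both directions can match the banner itself.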


Reply to post #3

The proxy will only be used by me and my friends, and all of it is HTTP or HTTPS traffic.

The reason I use port 443 is that my company blocked the other ports, so the only port I can use is 443.
Of course, VNC uses the same port for the same reason ><

I will try out the layer 7 filter, thank you very much!