# [solved] Redirect traffic to another interface

## haarp

Greetings.

I have an old Wine game that I want to play with a friend of Hamachi (a VPN). The game only sees the main network interface (eth0) and binds to that. (I can see the traffic in Wireshark). Attempts to get it to use the Hamachi interface ham0 failed. I've tried changing the localhost line in /etc/hosts to my hamachi ip to no avail.

So I have another idea. Would it be possible to modify iptables to redirect traffic to/from specific ports to another interface? I tried searching the web and found quite a few sites with examples, but to be honest, I don't get them. iptables is a mystery to me. Can anyone here help me out?Last edited by haarp on Sat Oct 31, 2009 7:45 pm; edited 1 time in total

----------

## Exil

you can use route to do that. If you know the dst ip, ofcourse

route add -host dst.host/mask gw ham0

----------

## haarp

Mhh, thanks, but I don't think that would work. The game is based on DirectPlay. For instance, when the game is looking for hosted sessions, it sends a query on the broadcast address (255.255.255.255), port 47624, but only on eth0. How would I redirect that with your method? I can't reroute the broadcast adress, now can I?  :Smile: 

----------

## Kobboi

Maybe change the interface names? Either with a udev rule (probably based on the MAC address) or with the ip command from sys-apps/iproute2 (ip link set <oldname> name <newname>)

----------

## Bircoph

Create special user/group for this game, mark its packets in the iptables via -m owner, route this packets whenever you want using iproute2. Do not forgot to allow related, established states in the iptables.

----------

## haarp

 *Kobboi wrote:*   

> Maybe change the interface names? Either with a udev rule (probably based on the MAC address) or with the ip command from sys-apps/iproute2 (ip link set <oldname> name <newname>)

 

I don't think the interface names are the issue here

 *Bircoph wrote:*   

> Create special user/group for this game, mark its packets in the iptables via -m owner, route this packets whenever you want using iproute2. Do not forgot to allow related, established states in the iptables.

 

Can't really change the user/group here. :/

I never imagined that it could be so difficult to figure this stuff out.  :Wink: 

Exil's route command looked the most promising to me. I just need a way to make it match on port instead of dest ip...if that's impossible, maybe just copy all traffic on eth0 to ham0? Shouldn't really hurt, should it? (apart from the security issue) Tried a few commands after reading the manpage, but none seem to work. I must be doing something wrong

----------

## haarp

I suppose you guys ran outta ideas aswell?

----------

## Bircoph

 *haarp wrote:*   

> 
> 
> Exil's route command looked the most promising to me. I just need a way to make it match on port instead of dest ip

 

If you need only match on dest port, read lartc howto: http://lartc.org/howto/

u32 classifier will help you.

If you need more sophisticated checks, use iptables, mark appropriate packets and route them using fwmark $MARK. Good example is here: http://lartc.org/howto/lartc.netfilter.html

----------

## haarp

Finally got this figured out. All I needed was:

```
route add -host 255.255.255.255 dev ham0
```

----------

