
I want to filter br1 interface in/out packets that have a specific tcp port number.

Given a setup with eth0 and eth1 in a bridge br1:

    |          |        
   eth0       eth1      
    | == br1== |   

In this scenario, I want TCP port 80 traffic to be filtered and routed to nfqueue-num-0 if it is going from the network attached to eth0 to eth1, or from eth1 to eth0. I want to do this with a single-line iptables command.

**Scenario-1** - My iptables rule:

    iptables -A FORWARD -m physdev --physdev-in eth0, eth1 -p tcp --match multiport --ports 80 -j NFQUEUE --queue-num 0

Then I want to modify in/out packets at the same time with nfqueue and the scapy framework. Two different callback functions are required to perform these operations. But I can't run two callback functions at the same time. It has to be simultaneous for real-time packet manipulation to occur. Therefore, I want to write a single iptables rule which filters two-way network traffic.

So, the question is, how must I write an iptables rule for Scenario-1?
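The following is an added example, not code from the question's author. It shows that one NFQUEUE callback can serve both directions of the bridged port-80 traffic: instead of needing a callback per bridge port, the handler derives the direction from the packet itself (destination port 80 is a request, source port 80 is a response) and applies one inline policy, here a hypothetical block-list of HTTP `Host` values. It assumes that port-80 packets from both bridge ports have already been steered to queue 0 (the iptables side of the question; note that `--physdev-in` accepts a single interface name), that `python-netfilterqueue` is installed for the live path, and that the bridge is running with netfilter calls enabled. The parser and policy logic use only the standard library, so they can be tested offline on the constructed packets built by `build_sample`. `BLOCKED_HOSTS`, `decide`, `direction`, `http_host` and `build_sample` are names chosen for this example.

```python
"""Single NFQUEUE callback for both directions of bridged TCP/80 traffic.

Added example: direction is taken from the TCP ports, so one callback handles
eth0->eth1 and eth1->eth0 packets alike. Assumes both directions are already
queued to queue 0 by iptables; python-netfilterqueue is optional (live path).
"""
import struct
import sys

try:
    from netfilterqueue import NetfilterQueue  # only needed for the live path
except ImportError:
    NetfilterQueue = None

QUEUE_NUM = 0
SERVICE_PORT = 80

# Hypothetical inline policy for this example: drop requests to these hosts.
BLOCKED_HOSTS = {b"blocked.example"}


def parse_ipv4_tcp(raw):
    """Return (src, dst, sport, dport, payload), or None if not IPv4/TCP."""
    if len(raw) < 20 or raw[0] >> 4 != 4:
        return None
    ihl = (raw[0] & 0x0F) * 4          # IPv4 header length in bytes
    if raw[9] != 6 or len(raw) < ihl + 20:
        return None                    # protocol 6 is TCP
    src = ".".join(str(b) for b in raw[12:16])
    dst = ".".join(str(b) for b in raw[16:20])
    sport, dport = struct.unpack("!HH", raw[ihl:ihl + 4])
    data_off = (raw[ihl + 12] >> 4) * 4  # TCP data offset in bytes
    return src, dst, sport, dport, raw[ihl + data_off:]


def direction(sport, dport):
    """Classify by port: the bridge port it came in on does not matter."""
    if dport == SERVICE_PORT:
        return "request"               # client -> server
    if sport == SERVICE_PORT:
        return "response"              # server -> client
    return "other"


def http_host(payload):
    """Extract the HTTP Host header value (lower-cased), or None."""
    for line in payload.split(b"\r\n"):
        if line[:5].lower() == b"host:":
            return line[5:].strip().lower()
    return None


def decide(raw):
    """Return (verdict, reason) for one queued packet; verdict is accept/drop."""
    parsed = parse_ipv4_tcp(raw)
    if parsed is None:
        return "accept", "not ipv4/tcp"
    src, dst, sport, dport, payload = parsed
    kind = direction(sport, dport)
    if kind == "request":
        if http_host(payload) in BLOCKED_HOSTS:
            return "drop", f"request {src}->{dst} to blocked host"
        return "accept", f"request {src}->{dst}"
    if kind == "response":
        return "accept", f"response {src}->{dst}"
    return "accept", "non-80"


def callback(pkt):
    """The single NFQUEUE callback: one verdict path for both directions."""
    verdict, reason = decide(pkt.get_payload())
    print(verdict, reason)
    if verdict == "drop":
        pkt.drop()
    else:
        pkt.accept()


def build_sample(src, dst, sport, dport, payload):
    """Constructed IPv4/TCP packet bytes for offline tests (checksums zero)."""
    total = 20 + 20 + len(payload)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, total, 0, 0, 64, 6, 0,
                     bytes(int(x) for x in src.split(".")),
                     bytes(int(x) for x in dst.split(".")))
    tcp = struct.pack("!HHIIBBHHH", sport, dport, 1, 0, 5 << 4, 0x18,
                      65535, 0, 0)
    return ip + tcp + payload


if __name__ == "__main__":
    if NetfilterQueue is None:
        sys.exit("python-netfilterqueue is not installed")
    nfq = NetfilterQueue()
    nfq.bind(QUEUE_NUM, callback)
    try:
        nfq.run()
    except KeyboardInterrupt:
        pass
    finally:
        nfq.unbind()
```

Because the callback never consults the ingress interface, the same process handles a request entering on eth0 and its response entering on eth1; whatever single iptables rule is used only has to deliver both directions of port-80 traffic to queue 0.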
