man-in-the-middle
Hi guys,
I need to drop a box in between two public services (Windows boxen), that will
route traffic between the two. They *can* see each other directly, but are
not allowed to (for reasons beyond my control). So far so good, except for
one thing. It looks like this:
A (win) ----------------------- B (lin) ------------------------ C (win)
What should happen is that A will contact B (on B's IP) thinking that it is
the windows PC. And vice-versa. C will contact B (on B's IP) thinking it is
A. So NATing both ways. Any traffic arriving at A sent from C will look to
A as if it's coming from B, and vice versa. I hope that's clear enough.
B has two interfaces, and I have no access to A or C - can't change anything
on them. Let's say the IPs are:
A = 60.60.60.60
B = 70.70.70.1 and 70.70.70.2
C = 80.80.80.80
I've been reading loads of iptables docs, most of Rusty Russell's stuff too but
it's confusing me more. From what he writes it almost looks like I'll need
more than one machine in between, which is also out of the question (rackspace
costs money).
Any suggestions will be appreciated!
Thanks
--
Kind regards
Hans du Plooy
Newington Consulting Services
hansdp at newingtoncs dot co dot za