
Netfilter + Socks5 server



Hi all!

While this is not a Debian-specific question, I know that in this
mailing list there are people with much experience in Iptables (and
perhaps also with Socks5). So hopefully you can give me a hand
with this.

Right now, the current setup is the following:

Gamer ---> Server B (Socks5 proxy) ---> Game server

The idea is to use something like the following:

Gamer ---> Server A (Forwarder) ---> Server B (Socks5 proxy) ---> Game server

Currently the gamer's desktop communicates with the Socks5 server
directly. This is done using a proxy client software. I want to be able
to add Server A (the Forwarder) into the structure.

I have had some work done before this but it only had some success
before it failed. The initial traffic from Gamer to Server A port 1500
was indeed forwarded from Server A to Server B port 999. The problem is
that Server B's Socks 5 software has its own idea. It binds the
outgoing traffic with an IP and the packets end up going direct between
Gamer and Server B once this happens. It just ignores Server A even
existed. Worse yet, it will open its own ports to handle the game
connections... not just the initial port 999 which only acts more like a
"control/auth" port. (note the port numbers are used live but are not
important as they can be changed if necessary for any reason).

The bind IP in the Socks 5 server software can be set to any IP.
However, I'm not sure if this actually will solve the problem combined
with iptables or if another solution is required. But I want to keep the
Socks5 software... I do not wish to abandon it as it has been working
very well before this new forwarder concept.

Now the following information may help or not but it came from the
developer of the socks5 server...

"Sorry, I'm not good at IPtables, but I know my other customer use src
ip rule to forward. Such as your s5 server have many virtual IP address,
like 10.0.0.1 or 10.0.0.2.
Then make a iptables rule, if src ip is 10.0.0.1, forward to server B,
if src ip is 10.0.0.2, forward to server c etc."

I drew the diagram with the Forwarder that uses iptables in the first
position. That might not even be the correct way for it to work. Maybe
both servers need to be running the same Socks 5 server software but at
the end of the day, the final setup should have the traffic flowing both
ways via both servers.

Does anyone have experience with this type of configuration and can
suggest a way to achieve this?

Thanks in advance.


Kind regards,
Daniel
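
An added example, not part of the original post and not the Socks5 vendor's code: assuming the behaviour described above comes from the BND.ADDR/BND.PORT fields a SOCKS5 server returns in its reply (RFC 1928), this Python code parses a captured reply and checks whether the advertised endpoint is one that Server A actually forwards. The addresses, port 40000 and the function names are constructed for illustration; ports 1500 and 999 are the ones from the post.

```python
import ipaddress
import struct

ATYP_IPV4, ATYP_DOMAIN, ATYP_IPV6 = 0x01, 0x03, 0x04  # RFC 1928 address types


def parse_socks5_reply(data: bytes):
    """Parse VER|REP|RSV|ATYP|BND.ADDR|BND.PORT and return (rep, addr, port)."""
    if len(data) < 4:
        raise ValueError("truncated reply header")
    ver, rep, _rsv, atyp = data[:4]
    if ver != 0x05:
        raise ValueError(f"not a SOCKS5 reply (VER={ver})")
    if atyp == ATYP_IPV4:
        alen, off = 4, 4
    elif atyp == ATYP_IPV6:
        alen, off = 16, 4
    elif atyp == ATYP_DOMAIN:
        if len(data) < 5:
            raise ValueError("truncated domain length")
        alen, off = data[4], 5  # one length octet precedes the name
    else:
        raise ValueError(f"unknown ATYP {atyp:#x}")
    if len(data) < off + alen + 2:
        raise ValueError("truncated BND.ADDR/BND.PORT")
    raw = data[off:off + alen]
    addr = raw.decode("ascii") if atyp == ATYP_DOMAIN else str(ipaddress.ip_address(raw))
    (port,) = struct.unpack("!H", data[off + alen:off + alen + 2])
    return rep, addr, port


def relay_bypasses_forwarder(reply: bytes, forwarder_ip: str, forwarded_ports: set) -> bool:
    """True when the reply points the client at an endpoint the forwarder does not cover."""
    rep, addr, port = parse_socks5_reply(reply)
    if rep != 0x00:
        raise ValueError(f"request failed, REP={rep:#x}")
    return addr != forwarder_ip or port not in forwarded_ports


# Constructed sample data (documentation address ranges, not real hosts).
SERVER_A = "192.0.2.10"  # forwarder; Server B would be 198.51.100.20
# Reply advertising Server B's own address and a relay port of 40000.
REPLY_DIRECT = bytes.fromhex("05000001" "c6336414" "9c40")
# Same reply after the bind IP is set to Server A's address.
REPLY_VIA_A = bytes.fromhex("05000001" "c000020a" "9c40")

if __name__ == "__main__":
    for name, reply in (("direct", REPLY_DIRECT), ("via A", REPLY_VIA_A)):
        print(name, parse_socks5_reply(reply),
              relay_bypasses_forwarder(reply, SERVER_A, {1500}))
```

Both sample replies are flagged when only port 1500 is forwarded, because the advertised relay port is a separate endpoint from the control port.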
