I have several devices sending UDP packets to 192.168.1.40:5555 which I want to receive by multiple computers on a different subnet (192.168.3.x). All devices are connected to the WAN port (via a switch) of my OpenWRT router and two computers are connected to the LAN ports. The WAN interface has a static IP of 192.168.1.40 which allows the router to receive the UDP unicast packets. The LAN interface is assigned to the 192.168.3.x subnet. All computers on this subnet should be able to receive the UDP packets from the 192.168.1.x subnet.
The following solution in an answer to a very similar question is what I've started with: https://unix.stackexchange.com/a/299937
Basically the following socat command allows me to transform UDP packets from these devices into broadcast:
socat -u -T1 UDP-LISTEN:5555,fork,range=192.168.1.0/24 UDP-DATAGRAM:192.168.3.255:5555,broadcast
However, the problem I have is that I need to keep track of which device sent which UDP packet by keeping the source IP. I couldn't find a way to get socat to preserve the source IP. From the receiving computers' point of view it looks like the UDP packets originate from 192.168.3.1.
I was able to figure out how to change the source IP for all packets using iptables:
iptables -t nat -A POSTROUTING --destination 192.168.3.255/24 -j SNAT --to-source 192.168.1.81
However this doesn't solve the original problem. I know the IP addresses of the devices sending the UDP packets:
So next I tried to use iptables to mark the packets received from each device before being consumed by socat and then before sending them out I change the source IP. These are the commands I tried:
iptables -t mangle -A PREROUTING --source 192.168.1.81 -j MARK --set-mark 0x400
iptables -t mangle -A PREROUTING --source 192.168.1.82 -j MARK --set-mark 0x401
iptables -t mangle -A PREROUTING --source 192.168.1.83 -j MARK --set-mark 0x402
iptables -t mangle -A PREROUTING --source 192.168.1.84 -j MARK --set-mark 0x403
iptables -t nat -A POSTROUTING --destination 192.168.3.255 -m mark --mark 0x400 -j SNAT --to-source 192.168.1.81
iptables -t nat -A POSTROUTING --destination 192.168.3.255 -m mark --mark 0x401 -j SNAT --to-source 192.168.1.82
iptables -t nat -A POSTROUTING --destination 192.168.3.255 -m mark --mark 0x402 -j SNAT --to-source 192.168.1.83
iptables -t nat -A POSTROUTING --destination 192.168.3.255 -m mark --mark 0x403 -j SNAT --to-source 192.168.1.84
I can see that packets are marked correctly by observing the output of iptables -vL -t mangle. However, it doesn't look like the nat rules work. The counters are not incremented when looking at iptables -vL -t nat.
Maybe I'm making this more complicated than it needs to be, but the end goal is to be able to receive these UDP packets on multiple computers and know where they originated from. How can I accomplish this?
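Added example, not part of the original post: a userspace relay such as the socat command above reads each datagram and sends a new one from its own socket, so the receiver sees the relay's address and the origin is only known at the relay's recvfrom(). The sketch below carries that origin inside the payload; the 6-byte prefix and all function names are constructed for illustration, and it assumes the receiving programs can be changed to strip the prefix.

```python
import socket
import struct

# Constructed 6-byte prefix (not a standard): origin IPv4 address + UDP port.
HDR = struct.Struct("!4sH")

def wrap(payload, origin):
    """Prefix the payload with the address the relay received it from."""
    ip, port = origin
    return HDR.pack(socket.inet_aton(ip), port) + payload

def unwrap(datagram):
    """Receiver side: split a relayed datagram into (origin, payload)."""
    if len(datagram) < HDR.size:
        raise ValueError("datagram shorter than origin header")
    raw_ip, port = HDR.unpack_from(datagram)
    return (socket.inet_ntoa(raw_ip), port), datagram[HDR.size:]

def relay_once(listen_sock, out_sock, dest):
    """Forward one datagram; recvfrom() is the only place the origin is known."""
    payload, origin = listen_sock.recvfrom(65535)
    out_sock.sendto(wrap(payload, origin), dest)
    return origin

def udp_socket():
    s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    s.bind(("127.0.0.1", 0))   # loopback, ephemeral port: demo runs offline
    s.settimeout(2.0)
    return s

def demo():
    """Device -> relay -> receiver on loopback, distinguished by port."""
    device, listen, out, receiver = (udp_socket() for _ in range(4))
    try:
        device.sendto(b"reading=42", listen.getsockname())
        # On the router, out would have SO_BROADCAST set and dest would be
        # ("192.168.3.255", 5555), as in the socat command.
        relay_once(listen, out, receiver.getsockname())
        datagram, seen_from = receiver.recvfrom(65535)
        origin, payload = unwrap(datagram)
        return device.getsockname(), out.getsockname(), seen_from, origin, payload
    finally:
        for s in (device, listen, out, receiver):
            s.close()

if __name__ == "__main__":
    dev, relay, seen, origin, payload = demo()
    print(f"sent by {dev}, receiver saw {seen}, header says {origin}: {payload!r}")
```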