[rtmpdump] r120 - trunk/README
hyc at highlandsun.com
Wed Dec 30 10:49:56 CET 2009
> Author: hyc
> Date: Mon Dec 28 09:53:48 2009
> New Revision: 120
> Add note about rtmpsrv
> +On Linux you can also use iptables to redirect all outbound RTMP traffic.
> +You can do this as root:
> +iptables -t nat -A OUTPUT -p tcp --dport 1935 -j REDIRECT
I think the BSD ipfw command can do something similar. I don't have a BSD
system handy but from reading the ipfw(8) manpage, I think it would look like:
ipfw add 40 fwd 127.0.0.1 1935 tcp from any to any 1935
> +In my original plan I would have the transparent proxy running as a special
> +user (e.g. user "proxy"), and regular Flash clients running as any other user.
> +In that case the proxy would make the connection to the real RTMP server. The
> +iptables rule would look like this:
> +iptables -t nat -A OUTPUT -p tcp --dport 1935 -m owner \! --uid-owner proxy \
> + -j REDIRECT
Likewise the corresponding BSD command would be
ipfw add 40 fwd 127.0.0.1 1935 tcp from any to any 1935 not uid proxy
If anyone can test this and report back, that would be helpful...
It also looks like we don't actually need the Linux-specific sockopt to
retrieve the true destination address, since it's usually provided in the
tcUrl of the Connect request. But I guess it would save some time to actually
use it since the kernel provides it...
More information about the rtmpdump