[rtmpdump] rtmpsuck file?

Howard Chu hyc at highlandsun.com
Wed Jan 6 02:36:05 CET 2010

Dan Schmidt wrote:
> Actually, yes, the video did play perfectly; I reloaded the webpage more than
> once.  However, hyc said I was running the wrong user.  Then again, how did
> the video play if I was running the wrong user?  When I have time, I will try
> again with my name as the uid-owner.

The video played because the flash client gave up on the port 1935 connection
and did a fallback to port 80 or port 443.

Just to recap, even though it ought to be perfectly obvious by now:

quoting from the README - you ignore the text in here at your own peril...

In my original plan I would have the transparent proxy running as a special
user (e.g. user "proxy"), and regular Flash clients running as any other user.
In that case the proxy would make the connection to the real RTMP server. The
iptables rule would look like this:

iptables -t nat -A OUTPUT -p tcp --dport 1935 -m owner \! --uid-owner proxy \

A rule like the above will be needed to use rtmpsuck.

The iptables rule given above will cause outbound connections to port 1935 for
all users except proxy to be redirected to localhost. Thus, only the proxy
user can make real outbound connections on port 1935. So, the rtmpsuck program
must be running as user proxy so that it can receive other users' connection
attempts and then make its own real outbound connections. When you ran
rtmpsuck as your own user "dan" it received the connection attempt from the
Flash client, but then when it tried to make its own outbound connection, that
also got redirected back to itself.

It doesn't matter if you use user "dan" or any other user in the iptables
rule. What matters is that the user in the iptables rule *must* be the one
that runs rtmpsuck, and the user that runs the flash client *must* be a
different user.

More information about the rtmpdump mailing list