Redirecting packets to and from SafeLinx Server
Packet mapping is a way to redirect data through a mobile network interface (MNI).
To create a packet mapping, right-click the organizational unit (OU) in which you want to add the packet mapping, click
, and then select the packet type.- Redirect certain types of data packets according to various criteria. The types of packets are TCP, UDP, ICMP, and other.
- Change specific fields within the packet header
- Change specific character strings within the packet data
For example, you have a subnet of email application programs running on SafeLinx Clients that is configured to connect to sendmail servers that listen on well-known port 25. An email server is optimized for SafeLinx Clients and is configured to listen on port 9000; port 25 continues to be used by other client applications. Because email uses simple mail transfer protocol (SMTP), a TCP application, you can set up a TCP mapping function on the SafeLinx Server to redirect all outgoing mail packets from port 25 to port 9000.
- From a single IP address or from a group (subnet) of IP addresses
- To a single IP address or to a group (subnet) of IP addresses
- Only when the packet is going to a SafeLinx Client or coming from a SafeLinx Client.
Filter type | Filter criteria |
---|---|
TCP packets | You can qualify the mapping according to the port that is used by the originator or the receiver of the packet. You can further qualify the mapping by specifying a from-flag and a to-flag in the packet header. Note: Flags should only be
used by protocol experts who require this level of differentiation
for a special purpose. |
UDP packets | You can qualify the mapping according to the port used by the originator or the receiver of the packet. |
ICMP packets | You can qualify the mapping according to a specific type of ICMP packet. For some specific ICMP packets, you can further qualify according to the code that applies to the packet. |
Other packets | You can qualify the mapping according to a specific type of IP-protocol. Specify a search for a specific character string within the packet header. |