Redirecting packets to and from SafeLinx Server
Packet mapping is a way to redirect data through a mobile network interface (MNI).
To create a packet mapping, right-click the organizational unit (OU) in which you want to add the packet mapping, click, and then select the packet type.
- Redirect certain types of data packets according to various criteria. The types of packets are TCP, UDP, ICMP, and other.
- Change specific fields within the packet header
- Change specific character strings within the packet data
For example, you have a subnet of email application programs running on SafeLinx Clients that is configured to connect to sendmail servers that listen on well-known port 25. An email server is optimized for SafeLinx Clients and is configured to listen on port 9000; port 25 continues to be used by other client applications. Because email uses simple mail transfer protocol (SMTP), a TCP application, you can set up a TCP mapping function on the SafeLinx Server to redirect all outgoing mail packets from port 25 to port 9000.
- From a single IP address or from a group (subnet) of IP addresses
- To a single IP address or to a group (subnet) of IP addresses
- Only when the packet is going to a SafeLinx Client or coming from a SafeLinx Client.
|Filter type||Filter criteria|
You can qualify the mapping according to the port that is used by the originator or the receiver of the packet.
You can further qualify the mapping by specifying a from-flag and a to-flag in the packet header.
Note: Flags should only be used by protocol experts who require this level of differentiation for a special purpose.
|UDP packets||You can qualify the mapping according to the port used by the originator or the receiver of the packet.|
|ICMP packets||You can qualify the mapping according to a specific type of ICMP packet. For some specific ICMP packets, you can further qualify according to the code that applies to the packet.|
|Other packets||You can qualify the mapping according to a specific type of IP-protocol. Specify a search for a specific character string within the packet header.|