PhilBon

Does anyone have any idea on if someone could create a program or socket that would be able to change as it went though routers. Basically this: I send packet a to 192.168.0.2(router) when it gets there the packet changes it's detination to 192.168.1.2 (2nd router) and then when it gets there it changes once again to hit 192.168.2.2 (3rd router) and then finally moves onto 192.168.2.25 (the coupter it needs to reach). The reason I ask for this is because the IT administrators at my school want to be able to access our server internally but the District wont let us configure the router for port forwarding. Plus we want to make it so that only people that know the system can get in and keep hackers away.
On that thought anyone know of a program or file that will do a trace for me and find all the routers and different things that might be in the way between the LAN and WAN?

J_Kay

I don't believe you can do that, because when a packet is sent to the router, it has a set destination address. If you send a packet with the destination of 2.25, it'll head to its default gateway, which would be router 1. Router 1 would then check its routing table and try to send it to the next possible place down the line. Router 1 would know about Routers 2 & 3, because of a protocol, can't remember the name off the top of my head, but they share routing info. So Router 1 would know that to get to 2.25 it needs to send the packet to Router 2. Router 2 knows about Router 3, and would send it's direction. Hope this didn't confuse you, and hope it helps. I'm new to programming so they're might be some tricks, but I'm pretty sure that the header of the packet can't be manipulated too much, because it would lose "integrity" and the server could discard it.

jim mcnamara

Does your District understand what a NAT is? That provides exactly what they want.
A NAT provides a dynamic dummy IP address to the "outside" world.

Assuming I understand your question....

Plus, what you described will NOT work.

Jimbo

You mean like running a traceroute?

As to the main question, you might be able to do it by setting up static routes between your routers (something like if the dest IP is w.x.y.z, then go to this next hop for each router), although that's just a pain. That way you'd have to know the right dest IP to get it to work. Alternatively, since you aren't allowed to do port-forwarding, can you set up an ACL?

I guess part of the solution will depend on what you mean by "access our server internally." If they're on the LAN then it should be pretty easy. If they want to access it remotely from outside the LAN, you might look into a VPN or something like that.

And if the 192.168.x.y addresses you gave us are the actual ones, then you already have NAT running at the edge of your network...