Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Scheduled inbound nat

    Scheduled Pinned Locked Moved NAT
    9 Posts 3 Posters 1.9k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • K
      kaotiklabs
      last edited by

      Hi mates,

      Ihave a trouble with nats.
      I have 3 webcams (broadcasting with RTSP) inside my lan and I want them to stream through the same external port (1555) in different hours. I think I need to schedule the outbound nat rule but I can't find how.

      This is exactly what I need:
      from 09:30 to 10 external port 1555 must point to lan address 192.168.1.21
      from 10 to 10:30 external port 1555 must point to lan address 192.168.1.23
      from 10:30 to 11 external port 1555 must point to lan address 192.168.1.25

      It's mandatory to use the same external port. How can I solve this?
      Thanks in advance!

      1 Reply Last reply Reply Quote 0
      • M
        muswellhillbilly
        last edited by

        Firewall rules can have schedules applied to them, but I know of no firewall which can re-apply NAT rules to a schedule.

        Perhaps it might help if you explained what you were trying to do exactly instead of asking for a supposed solution?

        1 Reply Last reply Reply Quote 0
        • K
          kaotiklabs
          last edited by

          Well, it's easy.

          I Have hired and external streaming service which broadcast my emission and I need to rotated my 3 webcams signal (inside lan) in a schedule. (swap to the next each half hour).

          I cannot change the url or port in the streaming service, must be always the same.
          So, I wanted to solve this through scheduled nat changes. :(
          any better idea?

          Thanks in advance.

          @muswellhillbilly:

          Firewall rules can have schedules applied to them, but I know of no firewall which can re-apply NAT rules to a schedule.

          Perhaps it might help if you explained what you were trying to do exactly instead of asking for a supposed solution?

          1 Reply Last reply Reply Quote 0
          • M
            muswellhillbilly
            last edited by

            What about using a reverse proxy or load balancer? You could set a cron job on a proxy forwarder to target each webcam every half hour. The port forward would only have to point to the proxy and the re-targeting could be done from the proxy server itself.

            1 Reply Last reply Reply Quote 0
            • K
              kaotiklabs
              last edited by

              Seems a good idea but RTSP seems a tricky protocol and I dont really know if its possible.
              which kind of proxy should I use? must be an specific one for rtsp?

              1 Reply Last reply Reply Quote 0
              • johnpozJ
                johnpoz LAYER 8 Global Moderator
                last edited by

                This seems like pretty stupid setup, why would you not want access to all your webcams at any time??  And be able switch to them when you wanted??

                I would think if you forwarded to an alias that pointed a dns name that changed you could just have it change by setting how often the alias updates.  With a cron job you would have to look into how to edit the rules from cmd line and setup your cron to do it.  AFAIK there is no current way in the gui to do such a thing.

                But still don't understand the purpose..  If I had 3 webcams I would want to be able to access all of them, not just 1 and have to wait 30 mins to see the next one..

                An intelligent man is sometimes forced to be drunk to spend time with his fools
                If you get confused: Listen to the Music Play
                Please don't Chat/PM me for help, unless mod related
                SG-4860 24.11 | Lab VMs 2.8, 24.11

                1 Reply Last reply Reply Quote 0
                • K
                  kaotiklabs
                  last edited by

                  Hehe it sounds pretty stupid if you dont know the reason xD
                  Each camera is in a different classroom and we only do activities in that schedule, half hour in each room.
                  We just want to stream that activities.
                  So we think theres no reason to hire 3 external streaming services when we can do it with just one because the schedule casually correspond in time.

                  So which method seems better?

                  try to proxify it?
                  dns change?
                  or what about a virtual ip?

                  1 Reply Last reply Reply Quote 0
                  • johnpozJ
                    johnpoz LAYER 8 Global Moderator
                    last edited by

                    virtual ip gets you what?  Do you have more than 1 public IP?  Can you not just setup the streaming service to go to different public IPs at a specific time… Which streaming service are you using ustream?

                    Ok thinking about this for a few seconds.  Why don't you just edit the config and then do a reload in your cronjob.

                    so you could setup a edit of /cf/conf/config.xml to change what you want be it the IP your pointing to in your nat..  Be it the alias IP that was used in your nat rule, etc.

                    Then just remove the cache /tmp/config.cache and then you can reload it with /etc/rc.filter_configure I do believe

                    An intelligent man is sometimes forced to be drunk to spend time with his fools
                    If you get confused: Listen to the Music Play
                    Please don't Chat/PM me for help, unless mod related
                    SG-4860 24.11 | Lab VMs 2.8, 24.11

                    1 Reply Last reply Reply Quote 0
                    • M
                      muswellhillbilly
                      last edited by

                      @kaotiklabs:

                      Seems a good idea but RTSP seems a tricky protocol and I dont really know if its possible.
                      which kind of proxy should I use? must be an specific one for rtsp?

                      There are plenty of proxies if that's the route you want to take. HAProxy and Pen are two I can think of off the bat. Or there's ZenLoadbalancer if you don't want to do too much command-line work. I've used proxies for web traffic, ftp and even SMTP traffic so I would think it could handle RTSP, though I haven't tried it with that specific protocol before myself.

                      1 Reply Last reply Reply Quote 0
                      • First post
                        Last post
                      Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.