--- Andy <ag1234@xxxxxxxxx> wrote: > Hi, > > Jari Marikainen wrote: > > I would like to forward incoming traffic from internet to > > "<195.198.111.x> port 80" to "<some other ip on the internet> port > 80" > > in FC3 on the same interface. > > I would try the DNAT/SNAT iptables targets, along the lines of: > iptables -t nat -A PREROUTING -p tcp --dport 80 -d 195.198.111.x \ > -j DNAT --to-destination 65.114.4.69 > iptables -t nat -A POSTROUTING -p tcp --dport 80 -d 65.114.4.69 \ > -j SNAT --to-source <your external IP address on this machine> > > The second line makes the real server send it's replies through the > same > path (otherwise it will reply directly to the client) > > You have to enable/allow forwarding for everything to work. > > hth, > /Andy > Are you sure? If I read the original note correctly, he wants to have his machine see an incoming packet on one interface, and then forward it to another address on the SAME interface. And he specifically said that he wants to catch traffic coming FROM the internet and forward it TO a different address, also on the internet. That's not port-forwarding, that's redirection, and it is best handled by setting up Apache to recognize the incoming connection, and then setting a REDIRECT which sends a message back to the client to tell it to go look somewhere else. Unless he has a multi-homed system with more than one interface on the internet, I'm not sure that forwarding/routing will work. Am I wrong? David __________________________________ Do you Yahoo!? All your favorites on one personal page ? Try My Yahoo! http://my.yahoo.com
