Am Mo, den 02.05.2005 schrieb John G. Norman um 15:30: > THANKS for the reply, but that didn't work. In fact, -j REDIRECT to a > certain port and -j DNAT are equivalent (though with DNAT you have to > say "--to 192.168.10.101:8080 (give an IP and a port). (For just one > explanation of this, see > http://www.linuxsecurity.com/content/view/117557/49/ where they note: > "REDIRECT: This is a specialized case of DNAT that alters the > destination IP address to send the packet to the machine itself. This > is useful in circumstances where one wishes to redirect web traffic to > a local proxy server, such as squid." > > In any case, I tried your suggestion: > > /sbin/iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to > 192.168.10.101:8080 > > Still doesn't work. > John Did we saw your full packet filtering (i.e. iptables -nvL)? I guess you block the traffic somewhere else, at least I don't remember any case where redirecting made me a problem. Alexander -- Alexander Dalloz | Enger, Germany | GPG http://pgp.mit.edu 0xB366A773 legal statement: http://www.uni-x.org/legal.html Fedora Core 2 GNU/Linux on Athlon with kernel 2.6.11-1.14_FC2smp Serendipity 19:46:56 up 3:52, 18 users, 0.23, 0.14, 0.10
Attachment:
signature.asc
Description: Dies ist ein digital signierter Nachrichtenteil
