On Sun, 2007-12-09 at 14:19 -0600, Les Mikesell wrote: > Craig White wrote: > >> > >> iptables -t nat -A PREROUTING -p tcp -d 192.168.3.8 --dport 445 \ > >> -j REDIRECT --to-ports 1445 > >> iptables -t nat -A OUTPUT -p tcp -d 192.168.3.8 --dport 445 \ > >> -j REDIRECT --to-ports 1445 > > ---- > > the thing I can't figure out is why they don't show up... > > # iptables -L > > Chain INPUT (policy ACCEPT) > > target prot opt source destination > > > > Chain FORWARD (policy ACCEPT) > > target prot opt source destination > > > > Chain OUTPUT (policy ACCEPT) > > target prot opt source destination > > > > even though, I just executed... > > You need to explicitly list the nat table: > > iptables --list -t nat ---- OK - cool, they're there (line wrapping certain to occur but I'm not gonna fix it) Chain PREROUTING (policy ACCEPT) target prot opt source destination REDIRECT tcp -- anywhere alfresco.tobyhouse.com tcp dpt:microsoft-ds redir ports 1445 REDIRECT tcp -- anywhere alfresco.tobyhouse.com tcp dpt:netbios-ssn redir ports 1139 REDIRECT udp -- anywhere alfresco.tobyhouse.com udp dpt:netbios-ns redir ports 1137 REDIRECT udp -- anywhere alfresco.tobyhouse.com udp dpt:netbios-dgm redir ports 1138 Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination REDIRECT tcp -- anywhere alfresco.tobyhouse.com tcp dpt:microsoft-ds redir ports 1445 REDIRECT tcp -- anywhere alfresco.tobyhouse.com tcp dpt:netbios-ssn redir ports 1139 REDIRECT udp -- anywhere alfresco.tobyhouse.com udp dpt:netbios-dgm redir ports 1138 REDIRECT udp -- anywhere alfresco.tobyhouse.com udp dpt:netbios-ns redir ports 1137 ---- > > > > -A PREROUTING -d 192.168.3.8 -p tcp -m tcp --dport 139 -j REDIRECT > > --to-ports 1139 > > -A OUTPUT -d 192.168.3.8 -p tcp -m tcp --dport 139 -j REDIRECT > > --to-ports 1139 > > > > > At any rate, this hasn't changed anything ;-( > > > I don't think you need the '-m udp/tcp' entries but I'm not sure if they > hurt anything. ---- I really didn't, I just did an 'service iptables save' and then listed the output of /etc/sysconfig/iptables just to see what rules were in place. Evidently, when you save the current rule set by 'service iptables save', it added the -m tcp/udp designations. Craig -- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list