On Tue, Feb 08, 2011 at 12:36:44PM -0600, Carlos S wrote:
> I am forwarding traffic on port 8080 to port 80 with following rule.
> # iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 8080 -j
> REDIRECT --to-port 80
> # iptables-save
>
> However, I am unable to add it directly in /etc/sysconfig/iptables. I
> think it is used only for filter table and not nat table. So where do
> nat table rules go? Any help?
>
> -
> cs.
> _______________________________________________
> CentOS mailing list
> CentOS@xxxxxxxxxx
> http://lists.centos.org/mailman/listinfo/centos
Here's how I have it set up on a box where I'm doing something similar, but for ssh:
# Generated by iptables-save v1.3.5 on Fri Sep 17 10:39:51 2010
*nat
:PREROUTING ACCEPT [38:3177]
:POSTROUTING ACCEPT [77:6468]
:OUTPUT ACCEPT [77:6468]
-A PREROUTING -s <ADDRESS> -p tcp -m tcp --dport 22 -j REDIRECT --to-ports 4022
COMMIT
# Completed on Fri Sep 17 10:39:51 2010
# Generated by iptables-save v1.3.5 on Fri Sep 17 10:39:51 2010
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [660935177:1131719310086]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
(Normal iptables config continues)
Also, once you add the rule with the iptables command, have you tried iptables-save? That should give you a dump of all the rules that are in effect.
Joe
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
