Re: NAT from eth0:0 port 80 to lo port 8080?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

Jeff Potter wrote:


Thanks, Florin and Robert, for your suggestions.

I'm still stumped, though.
This rule looks to be the REDIRECT rule that Robert suggests. Unfortunately, as I have it written here, it fail instantly -- telnetting to port 80 causes an instant error. iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT --to-ports 127.0.0.1:8080 

This gets packets in, but no reply:
iptables -t nat -A PREROUTING -p tcp -d 64.61.61.112 --dport 80 -j DNAT --to-destination 127.0.0.1:8080
IIRC, you need TWO commands to setup a port forward with iptables, one for the incoming like you've specified, and another to handle the response. 

classic example is...

iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx   \
		 --dport 8888 -j DNAT --to 192.168.0.2:80
iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.2 --dport 80 -j ACCEPT


_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux