Jeff Potter wrote:
Thanks, Florin and Robert, for your suggestions.
I'm still stumped, though.
This rule looks to be the REDIRECT rule that Robert suggests.
Unfortunately, as I have it written here, it fail instantly --
telnetting to port 80 causes an instant error.
iptables -t nat -A PREROUTING -p tcp --dport 80 -j REDIRECT
--to-ports 127.0.0.1:8080
This gets packets in, but no reply:
iptables -t nat -A PREROUTING -p tcp -d 64.61.61.112 --dport 80 -j
DNAT --to-destination 127.0.0.1:8080
IIRC, you need TWO commands to setup a port forward with iptables, one
for the incoming like you've specified, and another to handle the response.
classic example is...
iptables -t nat -A PREROUTING -p tcp -i eth0 -d xxx.xxx.xxx.xxx \
--dport 8888 -j DNAT --to 192.168.0.2:80
iptables -A FORWARD -p tcp -i eth0 -d 192.168.0.2 --dport 80 -j ACCEPT
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos