On Sat, 3 Jul 2004, Gregory Nowak wrote: > In a nutshell, I've now got: > > iptables -t nat -A OUTPUT -p tcp -o eth0 --dport 25 -j DNAT Note, that in the first version of this, you had a dollars sign, before "eth0". Not sure whether that was intentional. > - --to-destination aaa.bbb.ccc.ddd Why is there a space-delimited hyphen in the middle of the command, before "--to-destination"? That was there on the first version of this as well, and while I haven't looked up "--to-destination", nothing in FSF would lead me to the conclusion that this serves some useful purpose. As for why telnet is showing the address you are telnetting to, not the redirect address: that is the essence of hijacking intended destinations--the person making the connection, is given no idea that it is being done, by use of IP addresses. Telnet doesn't know its happening, and therefore shows the address it expects to be reaching. Luke
