Hi, I have following iptable rule in system. iptables -I PREROUTING -t nat -p tcp --dport 443 -j REDIRECT --to-ports 3128 kernel - 2.6.16.13 I am using following scenario for load testing 192.168.206.200 -----> 192.168.121.125 -----> 72.14.223.83 Client iptables/proxy server server and I am getting following entry through conntrack binay as well as in /proc/net/ip_conntrack [NEW] tcp 6 120 NONE src=192.168.206.200 dst=72.14.223.83 sport=63423 dport=443 packets=1 bytes=48 [UNREPLIED] src=192.168.121.125 dst=192.168.206.200 sport=3128 dport=46873 packets=0 bytes=0 id=28187887 Now here original and reverse tuples are --> Original tuple 192.168.206.200:63423->72.14.223.83:443 Reply tuple 192.168.121.125:3128->192.168.206.200:46873 So, here destination port of reverse tuple is 46873. Is it correct ? Rgds, Nishit Shah -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
