Please post questions like this to netfilter-devel. mikemcquen@xxxxxxxxxxx wrote:
why? There is no longer a mechanism for doing this: iptables -t -nat -A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to 1.1.1.1 I just replaced a bunch of proxy machines and my config no longer works!
This was never supported, REDIRECT always choses the first IP from the incoming device. My guess is that you either used DNAT before or the argument parser used to be less strict and ignored unknown arguments. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
