On Friday 2010-07-16 14:49, Patrick McHardy wrote: >> Assume: >> eth0 has these addresses: >> 10.1.0.1, netmask 255.255.255.0 (primary address) >> 10.2.0.1, netmask 255.255.255.0 >> 10.3.0.1, netmask 255.255.255.0 >> 10.4.0.1, netmask 255.255.255.0 >> >> and redirects from.. say.. port 80 to 8080 >> >> Connections to 10.1.0.1:80 will be redirected to 10.1.0.1:8080 >> But also all connections to 10.2.0.1:80, 10.3.0.1:80 and >> 10.4.0.1:80 will be redirected to 10.1.0.1:8080 >> >> >> With the patch, the connection to 10.2.0.1:80 will be redirected to >> 10.2.0.1:8080, 10.3.0.1:80 to 10.3.0.1:8080, etc.. > >OK, so basically you just want to rewrite the port number. An easier >way to do this without iterating through all addresses would be to >change userspace and the kernel so you can create REDIRECT rules >without the IP_NAT_RANGE_MAP_IPS flag. That won't work for forwarded >packets, but its the simplest solution for the case you describe. Isn't TPROXY the right thing here if all you want is changing the port of delivery? :-) -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
