Le jeudi 22 juillet 2010 à 17:52 +0800, Changli Gao a écrit : > > FYI: the random option is documented in the manual page of iptables. > > REDIRECT > This target is only valid in the nat table, in the PREROUTING and OUT- > PUT chains, and user-defined chains which are only called from those > chains. It redirects the packet to the machine itself by changing the > destination IP to the primary address of the incoming interface > (locally-generated packets are mapped to the 127.0.0.1 address). > > --to-ports port[-port] > This specifies a destination port or range of ports to use: > without this, the destination port is never altered. This is > only valid if the rule also specifies -p tcp or -p udp. > > --random > If option --random is used then port mapping will be randomized > (kernel >= 2.6.22). > > Note my patch has nothing to do with the man page, its already up2date. I usually dont read the Fine manuals, do you ? Try : iptables -t nat -A PREROUTING -p tcp --dport 1234 -j REDIRECT --help REDIRECT target options: --to-ports <port>[-<port>] Port (range) to map to. You see [--random] is missing. -- To unsubscribe from this list: send the line "unsubscribe netfilter-devel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
