Greetings, I need to redirect a port on the loopback device to a remote IP - basically the reverse of a transparent Squid proxy. The example I'm trying to get working is to make port 8000 on the local machine connect me to www.yahoo.com:80. I tried both DNAT and REDIRECT (not sure which is applicable here), as follows: [root@ash root]# iptables -F -t nat [root@ash root]# iptables -t nat -A PREROUTING -s 127.0.0.1 -p tcp --dport 8003 -j REDIRECT --to 64.58.76.225:80 [root@ash root]# telnet localhost 8003 Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Connection refused [root@ash root]# iptables -F -t nat [root@ash root]# iptables -t nat -A PREROUTING -s 127.0.0.1 -p tcp --dport 8003 -j DNAT --to 64.58.76.225:80 [root@ash root]# telnet localhost 8003 Trying 127.0.0.1... telnet: connect to address 127.0.0.1: Connection refused The REDIRECT works on a remote machine (if I specify -s <someIP> and then connect from that machine), so I know I must be close. I experimented with POSTROUTING as well, but that doesn't allow you to specify a source IP and I need to make sure this only works when connecting locally. Any pointers much appreciated. -Adam
