SNAT ist only valid in the POSTROUTING chain. But even that didn´t do the trick. Do you know any way to check what really happens with the packet since tcpdump only shows it before natting? If there is no tool/command or anything like that - than it looks like I found something to refreshen my c/c++ skills. Henry Am Fre, 2003-03-21 um 16.09 schrieb David Ruggles: > I think (if I understand the problem) I would try this: > > iptables -t nat -A PREROUTING -p tcp -d 172.16.172.12 -j > DNAT --to-destination 127.0.0.1 > iptables -t nat -A PREROUTING -p tcp -d 127.0.0.1 -j SNAT --to-source > 127.0.0.1 > > Please let me know if this works. > > Thanks, > David Ruggles > > CCNA MCSE (NT) CNA A+ > Network Engineer, Safe Data, Inc > 910-285-7200 david@xxxxxxxxxxxxxxx > 0100011101101111011001000110110001101111011101100110010101110011011110010110 > 111101110101 > ----- Original Message ----- > From: "Henry Ritzlmayr" <h.ritzlmayr@xxxxxx> > To: "Netfilter Mailing List" <netfilter@xxxxxxxxxxxxxxxxxxx> > Sent: Friday, March 21, 2003 9:31 AM > Subject: Redirecting incoming traffic to 127.0.0.1 > > > > I have a service running on a box wich is only able to bind to 127.0.0.1 > > (hardcoded and I can´t get the source to change it). Since I want to use > > it from any other box the only way to solve that I think is to nat > > incoming packets to 127.0.0.1. > > > > IPTABLES -t nat -A PREROUTING -p tcp -d 172.16.172.12 -j DNAT > > --to-destination 127.0.0.1 > > > > and many others wich I tried don´t work. > > > > If I understood REDIRECT correctly it only changes to the local IP where > > the packet came in (in my situation 172.16.172.12) wich also not solves > > the problem. > > > > any ideas? > > > > Henry > > > > >
