Re: Masquerading on local ports

On Fri, 2003-03-21 at 08:22, Joel Newkirk wrote:
> On Thursday 20 March 2003 09:03 am, Henry Ritzlmayr wrote:
> > Hi everyone - this is my first post to this list - so if anything is
> > wrong with my way of posting please tell.
> >
> > And here is the question. How is it possible to nat a local port?
> >
> > IPTABLES -t nat -A PREROUTING -p tcp -d 127.0.0.1 --destination-port
> > 81 -j DNAT --to-destination 127.0.0.1:80
> >
> > telnet localhost 80  <<< works
> > telnet localhost 81  <<< Connection refused
> >
> > Henry
> 
> Packets originating on the local box never go through the PREROUTING 
> chains.  This is why there is an OUTPUT chain in the nat table.  (and 
> the mangle table)
> 
> iptables -t nat -A OUTPUT -o lo -p tcp --dport 81 -j DNAT --to 
> 127.0.0.1:80
> 
> should do it.  I'm not sure if the REDIRECT target would work properly 
> for this use (localhost->localhost), but you can try easily enough.
> 
> j

That was it. I overlooked that local packets do not go through the
PREROUTING.

thanks for the help
Henry
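
An added example, not part of the original thread: a small audit helper that reads `iptables-save` output and flags nat PREROUTING rules that match on a loopback destination, the mistake discussed above, since such rules are not applied to connections originating on the box itself. The function names and the sample ruleset are constructed for illustration.

```sh
#!/bin/sh
# Constructed sample in iptables-save format (not taken from the thread's host).
sample_ruleset() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 127.0.0.1/32 -p tcp -m tcp --dport 81 -j DNAT --to-destination 127.0.0.1:80
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8080 -j DNAT --to-destination 192.0.2.10:80
-A OUTPUT -o lo -p tcp -m tcp --dport 81 -j DNAT --to-destination 127.0.0.1:80
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -d 127.0.0.1/32 -p tcp -m tcp --dport 80 -j ACCEPT
COMMIT
EOF
}

# Hypothetical helper: reads iptables-save output on stdin and prints
# "<line number>: <rule>" for each nat PREROUTING rule whose destination
# match is a 127.0.0.0/8 address. Negated matches ("! -d ...") are skipped.
find_loopback_prerouting() {
    awk '
        /^\*/ { table = substr($0, 2); next }   # table header: *nat, *filter, ...
        table == "nat" && $1 == "-A" && $2 == "PREROUTING" {
            for (i = 3; i < NF; i++) {
                if (($i == "-d" || $i == "--destination") &&
                    $(i - 1) != "!" && $(i + 1) ~ /^127\./) {
                    print NR ": " $0
                    break
                }
            }
        }
    '
}

# Stand-alone run against the constructed sample.
sample_ruleset | find_loopback_prerouting
```

On a live system the input would come from `iptables-save` (run as root) instead of `sample_ruleset`; a flagged rule usually belongs in the nat OUTPUT chain, as in the reply above.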


