Re: Masquerading on local ports

On Thursday 20 March 2003 09:03 am, Henry Ritzlmayr wrote:
> Hi everyone - this is my first post to this list - so if anything is
> wrong with my way of posting please tell.
>
> And here is the question. How is it possible to nat a local port?
>
> IPTABLES -t nat -A PREROUTING -p tcp -d 127.0.0.1 --destination-port
> 81 -j DNAT --to-destination 127.0.0.1:80
>
> telnet localhost 80  <<< works
> telnet localhost 81  <<< Connection refused
>
> Henry

Packets originating on the local box never go through the PREROUTING 
chains.  This is why there is an OUTPUT chain in the nat table.  (and 
the mangle table)

iptables -t nat -A OUTPUT -o lo -p tcp --dport 81 -j DNAT --to 127.0.0.1:80

should do it.  I'm not sure if the REDIRECT target would work properly 
for this use (localhost->localhost), but you can try easily enough.

j
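
An added example, not part of the original message: a small check over `iptables-save` text that flags nat PREROUTING rules aimed at loopback traffic, which locally generated packets never reach, and prints the OUTPUT-chain form described in the reply. The function names and the sample ruleset are constructed for illustration.

```shell
#!/bin/sh
# Reads iptables-save text on stdin. For each nat PREROUTING rule that matches
# a 127.x destination or the lo input interface, prints an UNREACHABLE line
# and a SUGGEST line with the same rule moved to the nat OUTPUT chain.
lint_nat_prerouting() {
    awk '
    # True when field i starts a non-negated "-d 127.x" or "-i lo" match.
    function lo_match(i) {
        return $(i-1) != "!" && (($i == "-d" && $(i+1) ~ /^127\./) ||
                                 ($i == "-i" && $(i+1) == "lo"))
    }
    /^\*/     { table = substr($0, 2); next }   # table header: *nat, *filter
    /^COMMIT/ { table = ""; next }
    table == "nat" && $1 == "-A" && $2 == "PREROUTING" {
        hit = 0
        for (i = 3; i < NF; i++) if (lo_match(i)) hit = 1
        if (!hit) next
        print "UNREACHABLE: " $0
        # Drop the loopback match and select loopback with -o lo instead
        # (-i is not valid in the OUTPUT chain).
        out = "-A OUTPUT -o lo"
        for (i = 3; i <= NF; i++) {
            if (lo_match(i)) { i++; continue }
            out = out " " $i
        }
        print "SUGGEST:     " out
    }'
}

# Constructed sample ruleset in iptables-save format.
sample_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -d 127.0.0.1/32 -p tcp -m tcp --dport 81 -j DNAT --to-destination 127.0.0.1:80
-A PREROUTING -i eth0 -p tcp -m tcp --dport 8080 -j REDIRECT --to-ports 80
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -i lo -j ACCEPT
COMMIT
EOF
}

sample_ruleset | lint_nat_prerouting
```

On a live host the same function can be fed with `iptables-save | lint_nat_prerouting` (root required).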