I am not sure if I understood your approach - but I tried it and it doesn´t do the trick. What I need is whenever a packet arrives on an external interface it should be redirected to 127.0.0.1 (localhost). This is needed because a service is listening only on localhost (not ment to be used on the network). Henry Am Fre, 2003-03-21 um 15.51 schrieb Negrea Mihai: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Maybe the packets reach your service listening on the localhost but they > cannot get to the client because it has the source 127.0.0.1 > > Try SNAT-ing those packets: > iptables -t nat -A POSTROUTING -p tcp -s 127.0.0.1 -j SNAT --to 172.16.172.12 > > hope I understood the problem > > All the best, > > - -- > Negrea Mihai > http://www.negrea.net > > On Friday 21 March 2003 16:31, Henry Ritzlmayr wrote: > > I have a service running on a box wich is only able to bind to 127.0.0.1 > > (hardcoded and I can´t get the source to change it). Since I want to use > > it from any other box the only way to solve that I think is to nat > > incoming packets to 127.0.0.1. > > > > IPTABLES -t nat -A PREROUTING -p tcp -d 172.16.172.12 -j DNAT > > --to-destination 127.0.0.1 > > > > and many others wich I tried don´t work. > > > > If I understood REDIRECT correctly it only changes to the local IP where > > the packet came in (in my situation 172.16.172.12) wich also not solves > > the problem. > > > > any ideas? > > > > Henry > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.0.7 (GNU/Linux) > > iD8DBQE+eybk8hhhNOp8KlQRAiRpAJ9h3NJ7OLgMhBnPG+ToZ9dAweXAOwCg3R/4 > WtZ8kbHYrihBupFC91nPUeg= > =PFnF > -----END PGP SIGNATURE----- >
