http://iptables-tutorial.frozentux.net/iptables-tutorial.html Read that tutorial very carefully and you'll pickup the differences of iptables to ipchains. just remember that INPUT/OUTPUT are for packets going to and from the firewall ONLY, not forwarded or NATed packets unlike ipchains.. check the graphs and you'll see what I mean.. What your looking for is part of PREROUTING chain not INPUT and you forgot the -t nat switch. iptables -A PREROUTING -i $INTDEV -t nat -p tcp --dport 80 -j REDIRECT --to-port 8888 try that.. and if all else fails.... LOG EVERYTHING! Thanks, ____________________________________________ George Vieira Systems Manager georgev@xxxxxxxxxxxxxxxxxxxxxx Citadel Computer Systems Pty Ltd http://www.citadelcomputer.com.au -----Original Message----- From: Michael Martinez [mailto:mmartinez@xxxxxxxxxxxxxxx] Sent: Tuesday, July 01, 2003 5:37 AM To: netfilter@xxxxxxxxxxxxxxxxxxx Subject: I'm having difficulty making port redirection work Hi all - I've used ipchains before, but I'm brand new to iptables, and I'm having difficulty getting port redirection to work. Here's what I want to do: I've got a Redhat 8.0 box running iptables 1.2.6a2. I've got a web application listening on port 8888 (on the eth0 interface) and I'd like any web traffic coming in on port 80, to be redirected to port 8888. In ipchains, this is handled with the following line in /etc/sysconfig/ipchains: -A input -d 192.73.224.127 80 -p tcp -j REDIRECT 8888 I am using the following lines at the beginning of /etc/sysconfig/iptables, but it does not work. I'm getting no messages in /var/log/messages, and I don't know of any place where iptables is logging anything: *nat -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8888 COMMIT How do I troubleshoot and fix this? thank you - -- Michael Martinez Linux System Administrator Marlaw Systems Technology Inc. CSREES/ISTM/USDA mmartinez@xxxxxxxxxxxxxxx
