RE: I'm having difficulty making port redirection work

Whoa ... great tutorial. (Do you have a PDF version?)

mike

On Mon, 2003-06-30 at 18:59, George Vieira wrote:
> http://iptables-tutorial.frozentux.net/iptables-tutorial.html
> 
> Read that tutorial very carefully and you'll pick up the differences between iptables and ipchains.
> 
> Just remember that INPUT/OUTPUT are for packets going to and from the firewall ONLY, not forwarded or NATed packets, unlike ipchains. Check the graphs and you'll see what I mean.
> 
> What you're looking for is part of the PREROUTING chain, not INPUT, and you forgot the -t nat switch.
> 
> iptables -A PREROUTING -i $INTDEV -t nat -p tcp --dport 80 -j REDIRECT --to-port 8888
> 
> Try that, and if all else fails... LOG EVERYTHING!
> 
> Thanks,
> ____________________________________________
> George Vieira
> Systems Manager
> georgev@xxxxxxxxxxxxxxxxxxxxxx
> 
> Citadel Computer Systems Pty Ltd
> http://www.citadelcomputer.com.au
>  
> 
> -----Original Message-----
> From: Michael Martinez [mailto:mmartinez@xxxxxxxxxxxxxxx]
> Sent: Tuesday, July 01, 2003 5:37 AM
> To: netfilter@xxxxxxxxxxxxxxxxxxx
> Subject: I'm having difficulty making port redirection work
> 
> 
> Hi all -
> 
> I've used ipchains before, but I'm brand new to iptables, and I'm having
> difficulty getting port redirection to work.
> 
> Here's what I want to do: I've got a Redhat 8.0 box running iptables
> 1.2.6a2. I've got a web application listening on port 8888 (on the eth0
> interface) and I'd like any web traffic coming in on port 80, to be
> redirected to port 8888.
> 
> In ipchains, this is handled with the following line in
> /etc/sysconfig/ipchains:
> 
> -A input -d 192.73.224.127 80 -p tcp -j REDIRECT 8888
> 
> I am using the following lines at the beginning of
> /etc/sysconfig/iptables, but it does not work. I'm getting no messages
> in /var/log/messages, and I don't know of any place where iptables is
> logging anything:
> 
> *nat
> -A PREROUTING -i eth0 -p tcp --dport 80 -j REDIRECT --to-port 8888
> COMMIT
> 
> How do I troubleshoot and fix this?
> 
> thank you -
> 
> -- 
> Michael Martinez
> Linux System Administrator
> Marlaw Systems Technology Inc.
> CSREES/ISTM/USDA
> mmartinez@xxxxxxxxxxxxxxx
> 
> 
-- 
Michael Martinez
Linux System Administrator
Marlaw Systems Technology Inc.
CSREES/ISTM/USDA
(202) 720-6223
mmartinez@xxxxxxxxxxxxxxx
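
An added example, not part of the original thread: a shell helper that writes the nat-table fragment George describes, with a LOG rule ahead of the REDIRECT so that the "log everything" advice produces output. The function names and the log prefix are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Hypothetical helper names:
# valid_port, nat_redirect_rules. The "NAT-PRE" log prefix is also made up.

# Succeed only for a decimal TCP port in 1..65535.
valid_port() {
    case $1 in ''|*[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# Print an iptables-restore fragment for the nat table.
# The LOG rule must come first: REDIRECT is a terminating target, so a
# LOG rule placed after it would never see the packet.
nat_redirect_rules() {
    dev=$1; from=$2; to=$3
    if [ -z "$dev" ] || ! valid_port "$from" || ! valid_port "$to"; then
        echo "usage: nat_redirect_rules DEV FROM_PORT TO_PORT" >&2
        return 1
    fi
    cat <<EOF
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i $dev -p tcp --dport $from -j LOG --log-prefix "NAT-PRE $from: "
-A PREROUTING -i $dev -p tcp --dport $from -j REDIRECT --to-ports $to
COMMIT
EOF
}

# Troubleshooting sequence (run as root):
#   nat_redirect_rules eth0 80 8888 | iptables-restore --test   # parse only
#   iptables -t nat -L PREROUTING -n -v      # do the packet counters move?
# Things to keep in mind while reading the result:
#  - iptables-restore without --noflush replaces the whole nat table.
#  - The nat table only sees the first packet of each connection, so the
#    LOG line appears once per connection, in the kernel log.
#  - PREROUTING is not traversed by connections made from the box itself;
#    test from another host on the network behind the chosen interface.
if [ "${1:-}" = "print" ]; then
    nat_redirect_rules "${2:-eth0}" "${3:-80}" "${4:-8888}"
fi
```
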

