RE: Instructions on how to redirect port 80 to port 8080

["Martinez, Michael" <MMARTINEZ@xxxxxxxxxxxxxxx>]

--> On Tuesday 17 February 2004 7:10 pm, Alexis wrote:
--> 
--> > iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
--> > x.x.x.x:8080
--> 
--> You might prefer to use REDIRECT - it's like DNAT, but only 
--> allows you to 
--> specify the port number, and forces the IP address to the 
--> local machine:
--> 
--> iptables -A PREROUTING -t nat -d a.b.c.d -p tcp --dport 80 
--> -j REDIRECT --to 
--> 8080
--> 

This isn't working. I can "telnet `hostname` 8080" and get an http
response, but when I do "telnet `hostname` 80" the response I get is
"telnet: Unable to connect to remote host: Connection refused."

Here's my iptables-save output:

# Generated by iptables-save v1.2.8 on Wed Feb 18 09:09:04 2004
*nat
:PREROUTING ACCEPT [44:5084]
:POSTROUTING ACCEPT [43:2580]
:OUTPUT ACCEPT [43:2580]
-A PREROUTING -d 199.128.238.12 -p tcp -m tcp --dport 80 -j REDIRECT
--to-ports 8080
COMMIT
# Completed on Wed Feb 18 09:09:04 2004
# Generated by iptables-save v1.2.8 on Wed Feb 18 09:09:04 2004
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [417:40204]
:RH-Firewall-1-INPUT - [0:0]
-A INPUT -j RH-Firewall-1-INPUT
-A FORWARD -j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT -i lo -j ACCEPT
-A RH-Firewall-1-INPUT -p icmp -m icmp any -j ACCEPT
-A RH-Firewall-1-INPUT -p esp -j ACCEPT
-A RH-Firewall-1-INPUT -p ah -j ACCEPT
-A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j
ACCEPT
-A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j
ACCEPT
-A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
COMMIT
# Completed on Wed Feb 18 09:09:04 2004


Mike Martinez

Attachment: smime.p7s
Description: S/MIME cryptographic signature