RE: Instructions on how to redirect port 80 to port 8080

[Alexis <alexis@xxxxxxxxxxxx>]

and `hostname` what ip address resolve??



On Wed, 2004-02-18 at 11:06, Martinez, Michael wrote:
> --> On Tuesday 17 February 2004 7:10 pm, Alexis wrote:
> --> 
> --> > iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
> --> > x.x.x.x:8080
> --> 
> --> You might prefer to use REDIRECT - it's like DNAT, but only 
> --> allows you to 
> --> specify the port number, and forces the IP address to the 
> --> local machine:
> --> 
> --> iptables -A PREROUTING -t nat -d a.b.c.d -p tcp --dport 80 
> --> -j REDIRECT --to 
> --> 8080
> --> 
> 
> This isn't working. I can "telnet `hostname` 8080" and get an http
> response, but when I do "telnet `hostname` 80" the response I get is
> "telnet: Unable to connect to remote host: Connection refused."
> 
> Here's my iptables-save output:
> 
> # Generated by iptables-save v1.2.8 on Wed Feb 18 09:09:04 2004
> *nat
> :PREROUTING ACCEPT [44:5084]
> :POSTROUTING ACCEPT [43:2580]
> :OUTPUT ACCEPT [43:2580]
> -A PREROUTING -d 199.128.238.12 -p tcp -m tcp --dport 80 -j REDIRECT
> --to-ports 8080
> COMMIT
> # Completed on Wed Feb 18 09:09:04 2004
> # Generated by iptables-save v1.2.8 on Wed Feb 18 09:09:04 2004
> *filter
> :INPUT ACCEPT [0:0]
> :FORWARD ACCEPT [0:0]
> :OUTPUT ACCEPT [417:40204]
> :RH-Firewall-1-INPUT - [0:0]
> -A INPUT -j RH-Firewall-1-INPUT
> -A FORWARD -j RH-Firewall-1-INPUT
> -A RH-Firewall-1-INPUT -i lo -j ACCEPT
> -A RH-Firewall-1-INPUT -p icmp -m icmp any -j ACCEPT
> -A RH-Firewall-1-INPUT -p esp -j ACCEPT
> -A RH-Firewall-1-INPUT -p ah -j ACCEPT
> -A RH-Firewall-1-INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j
> ACCEPT
> -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp --dport 80 -j
> ACCEPT
> -A RH-Firewall-1-INPUT -j REJECT --reject-with icmp-host-prohibited
> COMMIT
> # Completed on Wed Feb 18 09:09:04 2004
> 
> 
> Mike Martinez
-- 
Alexis <alexis@xxxxxxxxxxxx>