RE: Instructions on how to redirect port 80 to port 8080

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Well .. Dns is working. Either way, give it ip address or fqdn, it
doesn't work. Fails in the same manner.

Regards,
 
Michael Martinez
ISTM/CSREES
United States Department of Agriculture
---
This email is signed with my digital signature so that you may verify
the authenticity of the sender.

--> -----Original Message-----
--> From: Alexis [mailto:alexis@xxxxxxxxxxxx] 
--> Sent: Wednesday, February 18, 2004 12:29 PM
--> To: Martinez, Michael
--> Cc: Antony Stone; Netfilter
--> Subject: RE: Instructions on how to redirect port 80 to port 8080
--> 
--> 
--> and `hostname` what ip address resolve??
--> 
--> 
--> 
--> On Wed, 2004-02-18 at 11:06, Martinez, Michael wrote:
--> > --> On Tuesday 17 February 2004 7:10 pm, Alexis wrote:
--> > --> 
--> > --> > iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to
--> > --> > x.x.x.x:8080
--> > --> 
--> > --> You might prefer to use REDIRECT - it's like DNAT, but only 
--> > --> allows you to 
--> > --> specify the port number, and forces the IP address to the 
--> > --> local machine:
--> > --> 
--> > --> iptables -A PREROUTING -t nat -d a.b.c.d -p tcp --dport 80 
--> > --> -j REDIRECT --to 
--> > --> 8080
--> > --> 
--> > 
--> > This isn't working. I can "telnet `hostname` 8080" and get an http
--> > response, but when I do "telnet `hostname` 80" the 
--> response I get is
--> > "telnet: Unable to connect to remote host: Connection refused."
--> > 
--> > Here's my iptables-save output:
--> > 
--> > # Generated by iptables-save v1.2.8 on Wed Feb 18 09:09:04 2004
--> > *nat
--> > :PREROUTING ACCEPT [44:5084]
--> > :POSTROUTING ACCEPT [43:2580]
--> > :OUTPUT ACCEPT [43:2580]
--> > -A PREROUTING -d 199.128.238.12 -p tcp -m tcp --dport 80 
--> -j REDIRECT
--> > --to-ports 8080
--> > COMMIT
--> > # Completed on Wed Feb 18 09:09:04 2004
--> > # Generated by iptables-save v1.2.8 on Wed Feb 18 09:09:04 2004
--> > *filter
--> > :INPUT ACCEPT [0:0]
--> > :FORWARD ACCEPT [0:0]
--> > :OUTPUT ACCEPT [417:40204]
--> > :RH-Firewall-1-INPUT - [0:0]
--> > -A INPUT -j RH-Firewall-1-INPUT
--> > -A FORWARD -j RH-Firewall-1-INPUT
--> > -A RH-Firewall-1-INPUT -i lo -j ACCEPT
--> > -A RH-Firewall-1-INPUT -p icmp -m icmp any -j ACCEPT
--> > -A RH-Firewall-1-INPUT -p esp -j ACCEPT
--> > -A RH-Firewall-1-INPUT -p ah -j ACCEPT
--> > -A RH-Firewall-1-INPUT -m state --state 
--> RELATED,ESTABLISHED -j ACCEPT
--> > -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp 
--> --dport 22 -j
--> > ACCEPT
--> > -A RH-Firewall-1-INPUT -p tcp -m state --state NEW -m tcp 
--> --dport 80 -j
--> > ACCEPT
--> > -A RH-Firewall-1-INPUT -j REJECT --reject-with 
--> icmp-host-prohibited
--> > COMMIT
--> > # Completed on Wed Feb 18 09:09:04 2004
--> > 
--> > 
--> > Mike Martinez
--> -- 
--> Alexis <alexis@xxxxxxxxxxxx>
--> 
-->

Attachment: smime.p7s
Description: S/MIME cryptographic signature

[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux