On Thursday 25 March 2004 19:47, Fabiano Bonin wrote: > >From: Ben Yerushalmi <beny@xxxxxxxxxxxx> > >Looks like changing the OUTPUT chain did actually work in redirecting > >localhost traffic. On the Linux 2.4 kernel you will need to enable the > >"NF_NAT_LOCAL" kernel option. > Could you provide a complete example of how to do all this? > I think it will solve some of my problems. You'll need to enable the option CONFIG_IP_NF_NAT_LOCAL. Using `make menuconfig`, the relevant options are found: In 2.4: Under "Networking options -> IP: Netfilter Configuration -> NAT of local connections" In 2.6: Under "Device Drivers -> Networking Support -> Networking Options -> Network packet filtering (replaces ipchains) -> IP Netfilter Configuration" In both you will also have to enable "Full NAT" and "iptables support". This will let you use NAT with connections that originate locally, ie from processes on your iptables machine. The help for the option says there should be more on the netfilter site, http://www.netfilter.org. David
