On Wed, 2004-06-23 at 09:33, Antony Stone wrote: > On Wednesday 23 June 2004 3:08 pm, Brett Simpson wrote: > > > I've tried a number of different PREROUTING and POSTROUTING rules and can't > > seem to make this work. > > > > I have a system with a single nic (eth0). While I'm on the system via a > > shell I would like to connect to 127.0.0.1:6000 and get seemlessly > > translated to 207.156.7.15:80. > > > > I tried the following without success: > > > > iptables -t nat -A PREROUTING -p tcp -d 127.0.0.1 -i lo --dport 6000 -j > > DNAT--to-destination 207.156.7.15:80 > > > > iptables -t nat -A POSTROUTING -p tcp -d 207.156.7.15 -o eth0 --dport 80 -j > > SNAT --to-source 127.0.0.1 > > Try: > > iptables -A OUTPUT -t nat -p tcp --dport 6000 -d 127.0.0.1 -j DNAT --to > 207.156.7.15:80 Didn't work. Would the INPUT chain help? iptables -t nat -A OUTPUT -p tcp --dport 6000 -d 127.0.0.1 -j DNAT --to 207.156.7.15:80 iptables -t nat -A POSTROUTING -p tcp -d 207.156.7.15 -o eth0 --dport 80 -j SNAT --to-source 127.0.0.1
