REDIRECT is a special case of DNAT, where the dst IP is rewritten to the IP address of the interface the packet is received on (optionally re-writing the dst port as well).
So is there really any functional difference if you are wanting to redirect the traffic to the interface that it did come in? In other words do you know of any kernel differences (number of cycles to execute?) in REDIRECT vs. DNAT?
i used DNAT in my response, as it wasn't clear from the OP what local IP the translated packets needed to be sent to.
*nod* I had to read the post more than one time too.
Grant. . . .
