Jan Engelhardt schrieb: >>"-j DNAT" is not intended to DNAT to localhost. The REDIRECT target is >>for this. From "man iptables": > > > I guess this has to do with the recent 2.6.11->12 change that there is no more > implicit SNAT on -j DNAT, right? (Before, -j REDIRECT --to-ports ports was > equal to -j DNAT --to-dest 127.0.0.1:ports) Don't know, but with my 2.4.31 it doesn't work too (maybe a backport ?). Only -j REDIRECT works. Have a nice time, Joerg
