Re: DNAT to 127 fails

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Jörg Harmuth <harmuth@xxxxxxxxx>
Subject: Re: DNAT to 127 fails
From: Jan Engelhardt <jengelh@xxxxxxxxxxxxxxx>
Date: Tue, 9 Aug 2005 11:51:31 +0200 (MEST)
Cc: netfilter@xxxxxxxxxxxxxxxxxxx
In-reply-to: <42F33A8C.9060905@xxxxxxxxx>
References: <Pine.LNX.4.61.0508051141020.31142@xxxxxxxxxxxxxxx> <42F33A8C.9060905@xxxxxxxxx>
Sender: netfilter-bounces@xxxxxxxxxxxxxxxxxxx

>"-j DNAT" is not intended to DNAT to localhost. The REDIRECT target is
>for this. From "man iptables":

I guess this has to do with the recent 2.6.11->12 change that there is no more 
implicit SNAT on -j DNAT, right? (Before, -j REDIRECT --to-ports ports was 
equal to -j DNAT --to-dest 127.0.0.1:ports)



Jan Engelhardt
-- 
| Alphagate Systems, http://alphagate.hopto.org/

Follow-Ups:
- Re: DNAT to 127 fails
  - From: Jörg Harmuth

References:
- DNAT to 127 fails
  - From: Jan Engelhardt
- Re: DNAT to 127 fails
  - From: Jörg Harmuth

Prev by Date: Re: What is ACK PSH FIN and why is it blocked?
Next by Date: Re: Rules in config file
Previous by thread: Re: DNAT to 127 fails
Next by thread: Re: DNAT to 127 fails
Index(es):
- Date
- Thread

[Index of Archives] [Linux Netfilter Development] [Linux Kernel Networking Development] [Netem] [Berkeley Packet Filter] [Linux Kernel Development] [Advanced Routing & Traffice Control] [Bugtraq]

Powered by Linux