Don't include any port... that should be enough. iptables -t nat -A PREROUTING -p tcp -j DNAT --to-destination x.x.x.x:80 On 2/14/06, James Edward Stickland <jstic04@xxxxxxxxxxxxxxxxxxxxxxx> wrote: > Hello, could someone help me with writing a rule to do the following > > All tcp connections on all port numbers 1-65534 be dnat'ed to host > x.x.x.x on port 80 > > im setting up a simple honey pot. for new connections coming to my wan > interface. > > i know i could do separate prerouting chain in the nat table entries > for each port - but how can i do a one liner? > >
