Hi everybody! I'm more or less new to netfilter / iptables; so I've got a question about DNAT. My problem is, that my DNAT won't work. I want to reroute http-pakets to server X to my own server running on localhost. The first command I tried was the following:
iptables -A PREROUTING -t nat -p tcp -d [IP OF X] --dport 80 -j
DNAT --to-destination 127.0.0.1:80 The new rule seems to be added correctly to the nat-table:
iptables -t nat --list
Chain PREROUTING (policy ACCEPT) target prot opt source destination DNAT tcp -- anywhere X tcp dpt:http to:127.0.0.1:80 Chain POSTROUTING (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination But: There is no effect. When I try to open a page hostet on X, the page loads from X, not from localhost... So I tried
iptables -A PREROUTING -t nat -p tcp -d [IP OF X] --dport 80 -j REDIRECT
No effect, too Could anybody tell me, what I'm doing wrong? I'm using Suse Linux 10.0 Regards, Holger
