Re: Port forwarding inside local domain

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Monday 20 August 2007, Bertram Scharpf wrote:
> Am Montag, 20. Aug 2007, 16:34:31 +0200 schrieb Ruben Laban:
> > You need to 'fix' the reply traffic, by using a rule like:
> >   # iptables -t nat -A POSTROUTING -i eth0 -d 192.168.7.49 -p tcp --dport
> > 80 \ -j SNAT --to 192.168.7.33
>
> iptables v1.3.5: Can't use -i with POSTROUTING
>
> > With recent kernels this can be done more elegantly by using the
> > conntrack module:
> >   # iptables -t nat -A POSTROUTING -d 192.168.7.49 -m conntrack
> > --ctorigdst \ 192.168.7.49 -j SNAT --to 192.168.7.33
>
> Seems it's "... --ctorigdst 192.168.7.33 -j ...".

Two 'stupid' mistakes indeed. Guess I should've reviewed my own posts a little 
more.

> Works fine. Thanks!

Glad it worked out for you afterall.

Regards,
-- 
Ruben
[Index of Archives]     [Linux Netfilter Development]     [Linux Kernel Networking Development]     [Netem]     [Berkeley Packet Filter]     [Linux Kernel Development]     [Advanced Routing & Traffice Control]     [Bugtraq]

  Powered by Linux