On 10/17/08 12:40, Jeremy Pullicino wrote:
After consulting with the docs and online tutorials I came up with
the command below:
iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT
192.168.11.100
Is this the correct way to do it?
That is the first part of it. You will also need to SNAT the traffic.
Any advice will be really appreciated.
Look through the archive for this mailing list, or better search it, for
what I refer to as the "TCP Triangle".
I think the most recent thread that this was discussed had a subject of
"Different kind of transparent proxy".
Also, you may find Jan Engelhardt's TCP Triangle image explains it well.
http://jengelh.hopto.org/images/dnat-mistake.png
Grant. . . .
--
To unsubscribe from this list: send the line "unsubscribe netfilter" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
