Thank you!! You understood correctly. I wanted any incoming on 80 to be forwarded on the same interface to 12080.

> If I understand correctly, you want to change only the
> destination port, not the destination address. But the
> iptables manpage says that the REDIRECT target replaces the
> destination address with the primary address of the incoming
> interface, so it may not be suitable for your purpose.
>
> You can use the DNAT target instead. Either :
>
> iptables -t nat -A PREROUTING -p tcp --dport 80 -j DNAT --to :12080
>
> will translate the destination port 80 into 12080
> regardless of the destination address and without changing
> it,
>

Not sure what I thought that was supposed to do. I just copied a couple rules for forwarding from some tutorial and those were included and didn't think to really question them. I need to spend some more time with the man pages.

I think my big problem was that I thought iptables -F would flush all chains but instead it was likely only flushing the default chain and not the nat chain.

> PS: What is the purpose of the first rule in the FORWARD
> chain ?

Thanks again,
Fu-Tung
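
The flush behaviour mentioned in the reply above, as an added example that is not part of the original thread: iptables -F with no -t option acts only on the filter table, so rules in the nat table survive it. The shell functions below count the rules left in each table of iptables-save output; the dump is a constructed sample and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: find tables that still hold rules after a flush.
# Input is text in iptables-save format, read from stdin.

# Print one "table rule_count" line per table, in dump order.
rules_per_table() {
    awk '
        /^\*/  { table = substr($0, 2); order[++n] = table; count[table] = 0; next }
        /^-A / { count[table]++ }
        END    { for (i = 1; i <= n; i++) print order[i], count[order[i]] }
    '
}

# Print only the names of tables that still contain at least one rule.
leftover_tables() {
    rules_per_table | awk '$2 > 0 { print $1 }'
}

# Constructed sample: a dump as it could look after a bare "iptables -F"
# on a host that had the DNAT rule from this thread loaded.
sample_dump() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:INPUT ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 80 -j DNAT --to-destination :12080
COMMIT
*filter
:INPUT ACCEPT [0:0]
:FORWARD ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
COMMIT
EOF
}

# On a live host (as root) the same check would be:
#   iptables-save | leftover_tables
# and each table it names is flushed separately, e.g.:
#   iptables -t nat -F
```

Running sample_dump | leftover_tables prints nat, showing that the port-80 rule is still active even though the filter table is empty.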