On Thu, Nov 20, 2008 at 10:07 AM, Paul Evans <paul@xxxxxxxxxxxxx> wrote:
> On Thu, 20 Nov 2008 10:00:20 -0800
> Mike <mikef1007@xxxxxxxxx> wrote:
>
>> iptables -t nat -A PREROUTING -p tcp --dport X -j REDIRECT
>> --to-ports Y
>>
>> I ssh from another box, into the box I issued the above iptable
>> tcpdump only showed traffic on port X and nothing on port Y
>
> That sounds correct. tcpdump watches very close to the "wire"; that is,
> what comes in/goes out over ethernet or PPP or whatever the link uses.
> For incoming traffic it will see before nat has rewritten the packets.
>
> Try watching the -i lo interface, instead of eth/ppp/whatever

Tried '-i lo', nothing showed up.

I rechecked my ports, tried again, tcpdump'd X and Y, ssh'd from
another box and it WORKED!

That's good and all, but when I iptables -F, shouldn't I stop seeing
traffic on my redirect port? Am I missing something else?

thanks,
Mike
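
Added example, not part of the original message: the rule above was added with `-t nat`, while `iptables -F` given without `-t` acts on the default `filter` table. The script simulates both flushes on a constructed `iptables-save` dump and counts the REDIRECT rules that remain; ports 2222 and 22 and the function names are assumptions made for the example.

```shell
#!/bin/sh
# Constructed iptables-save dump: one REDIRECT rule in the nat table
# (ports 2222 -> 22 are sample values) and one rule in the filter table.
SAMPLE='*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 2222 -j REDIRECT --to-ports 22
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# simulate_flush TABLE: read a dump on stdin and drop the "-A" rule lines of
# TABLE only, mirroring what "iptables -t TABLE -F" does to the live ruleset.
simulate_flush() {
    awk -v t="$1" '
        /^\*/ { cur = substr($0, 2) }      # "*nat" -> current table "nat"
        cur == t && /^-A / { next }        # rule of the flushed table: drop
        { print }'
}

# list_redirects: print "table: rule" for every REDIRECT rule in a dump.
list_redirects() {
    awk '
        /^\*/ { cur = substr($0, 2) }
        /^-A / && / -j REDIRECT( |$)/ { print cur ": " $0 }'
}

# count_redirects: number of REDIRECT rules in a dump read from stdin.
count_redirects() { list_redirects | wc -l | tr -d ' '; }

# "iptables -F" with no -t works on the filter table, so the redirect stays.
after_plain_flush=$(printf '%s\n' "$SAMPLE" | simulate_flush filter | count_redirects)
# "iptables -t nat -F" is the flush that removes it.
after_nat_flush=$(printf '%s\n' "$SAMPLE" | simulate_flush nat | count_redirects)

echo "REDIRECT rules after 'iptables -F':        $after_plain_flush"
echo "REDIRECT rules after 'iptables -t nat -F': $after_nat_flush"
# On a live host (root required): iptables-save | list_redirects
```
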