Mike wrote:
> I rechecked my ports, tried again, tcpdump'd X and Y, ssh'd from another box and it WORKED!
As I said in my previous message, NAT in the PREROUTING chain works only for connections from another host, not from the same host.
BTW, REDIRECT may change the destination address too. "DNAT --to :port" just changes the destination port.
> That's good and all, but when I iptables -F, shouldn't I stop seeing traffic on my redirect port? Am I missing something else?
"iptables -F" flushes only the default table, which is 'filter'. Your rule is in the 'nat' table. To flush it, run "iptables -t nat -F".
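The two points in this reply, checked against `iptables-save` output, as an added example that is not part of the original thread: which tables a plain `iptables -F` leaves populated, and whether each nat REDIRECT/DNAT rule sits in a chain that only connections from other hosts traverse. The function names and the sample ruleset (including its ports) are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample in iptables-save format (ports are made up for illustration).
SAMPLE_RULESET='*nat
:PREROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -p tcp -m tcp --dport 2222 -j REDIRECT --to-ports 22
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
COMMIT'

# Print "<table> <rule count>" for every table that a plain "iptables -F"
# (which flushes only the filter table) would leave populated.
rules_left_after_filter_flush() {
    awk '
        /^\*/  { table = substr($0, 2) }
        /^-A / { if (table != "filter") count[table]++ }
        END    { for (t in count) print t, count[t] }
    ' | sort
}

# For each REDIRECT/DNAT rule in the nat table, print the chain, the matched
# --dport, and which connections traverse that chain:
#   PREROUTING -> packets arriving from other hosts
#   OUTPUT     -> packets generated on this host
nat_redirect_scope() {
    awk '
        /^\*/ { table = substr($0, 2) }
        table == "nat" && /^-A / && / -j (REDIRECT|DNAT)( |$)/ {
            dport = "any"
            for (i = 1; i < NF; i++) if ($i == "--dport") dport = $(i + 1)
            scope = ($2 == "PREROUTING") ? "remote-only" : (($2 == "OUTPUT") ? "local-only" : "other")
            print $2, dport, scope
        }
    '
}

# On a live system (root required): iptables-save | nat_redirect_scope
if [ "${1:-}" = "--demo" ]; then
    printf '%s\n' "$SAMPLE_RULESET" | rules_left_after_filter_flush
    printf '%s\n' "$SAMPLE_RULESET" | nat_redirect_scope
fi
```

A `remote-only` line with no matching `local-only` line for the same port is the situation described above: the redirect works from another box but not from the host itself.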