Hello, Faré a écrit : > > Is it possible using netfilter to > a- redirect TCP traffic from port 10000 (visible to the public) to > port 10010 (invisible to the public) What do you mean by invisible ? > b- change the rule so that that traffic to port 10000 is now > redirected to port 10020 (also invisible to the public) *except* for > packets associated with existing connections, that will remain > redirected to port 10010. Yes. This is the way stateful NAT works. Changes in NAT rules apply only to new connections. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
