On Wed, Jun 9, 2010 at 2:48 PM, Aaron Clausen <mightymartianca@xxxxxxxxx> wrote:
> I'm trying to sort out a way to redirect all outgoing traffic destined
> for port 8080 to an internal server. I must be having some nasty
> brain fart because I just can't get it working.

Just to clarify, you have a router or gateway machine between the Internet and an internal network, and all TCP connections from any internal machine to port 8080 should be DNATed to a proxy-like machine, also on the internal network?

If so, I think the problem is that a single DNAT rule would cause the request to go through to the internal proxy, but the proxy would send a reply back to the client, which rejects it because it's expecting a reply from the router box. Have you handled that issue?

Perhaps seeing your existing rules would help too.

(I know this post isn't too helpful. I'm just trying to understand your setup and throw out a possible gotcha.)

--Mike
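
The setup discussed in the reply above, as an added example that is not part of the original thread: a shell function that emits the nat-table rules for the single-DNAT case and for the same redirect with a source rewrite, so the proxy's replies travel back through the router. The function name `nat_rules`, the interface `eth1`, and all addresses are constructed placeholders.

```shell
#!/bin/sh
# Added example: emit nat-table rules (iptables-restore format) for the
# port 8080 redirect. Interface and addresses are constructed placeholders.
#
# nat_rules MODE LAN_IF LAN_NET PROXY_IP ROUTER_LAN_IP
#   MODE=dnat-only : the single-rule setup described in the reply
#   MODE=hairpin   : DNAT plus SNAT so replies return through the router
#
# Check the output without loading it:
#   nat_rules hairpin eth1 192.168.1.0/24 192.168.1.10 192.168.1.1 \
#     | iptables-restore --test --noflush
nat_rules() {
    mode=$1 lan_if=$2 lan_net=$3 proxy=$4 router=$5
    case $mode in
        dnat-only|hairpin) ;;
        *) echo "unknown mode: $mode" >&2; return 1 ;;
    esac
    echo "*nat"
    # Rewrite the destination of LAN-originated port 8080 connections.
    # The proxy's own traffic is excluded so its outbound requests are
    # not sent back to itself.
    echo "-A PREROUTING -i $lan_if ! -s $proxy -p tcp --dport 8080 -j DNAT --to-destination $proxy:8080"
    if [ "$mode" = hairpin ]; then
        # Rewrite the source as well: the proxy then answers the router,
        # and connection tracking reverses both translations on the way
        # back, so the client sees the reply from the address it dialed.
        echo "-A POSTROUTING -o $lan_if -s $lan_net -d $proxy -p tcp --dport 8080 -j SNAT --to-source $router"
    fi
    echo "COMMIT"
}
```

With the SNAT rule in place the proxy sees every connection as coming from the router's LAN address, so per-client attribution has to come from the router's own logs.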