Dear All, Thank you for your time, and please reply to this message if you have any suggestions. Before posing my question, some background: A firewall has been constructed using RH Fedora 13, Kernel 2.6.34.7-63, and IPTables 1.4.7. The firewall is a simple, twin adapter configuration, with the external interface (eth0) facing the internet, and the other interface (eth1) facing a small private network (single IP subnet). The firewall is a bastion host, meaning that the firewall host contains nothing but the operating system, IPTables, and only those items needed to support operation of the host itself. The firewall does not run any other applications. Contained within the private network is a web server. Network: Base Address: 149.10.10.0/24 Web Server: 149.10.10.25 Clients: located at various addresses on the subnet. Firewall eth1 Address: 149.10.10.1 DNS Address: 149.10.10.2 QUESTION Given that clients on the internal network can freely surf the internet: if the clients select a specific web site (ie www.website.com), my goal is to configure IPTables to instead redirect the client to the internal web server. - If the client web browser is going to surf www.website.com, then iptables redirects the client to 149.10.10.25 - If the client web browser is going to surf any other website, then iptables permits the client to forward to the internet. *** I have attempted several iptables rules, including: iptables -v -t nat -A PREROUTING --in-interface eth1 --dport 80 -d www.website.com -j DNAT --to 149.10.10.25 However, this appears to have no effect. Can you please recommend the rule I should be using to perform this feat? THANK YOU -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
