Peter Chen a écrit : > I have a pretty straightforward question that I've been wondering. If > I add an iptable redirect rule (e.g. dst tcp port 80 to tcp port > 8080), it would change every tcp packet with port 80 as its > destination to a tcp packet with destination 8080. Now if my > application listening on 8080 were to reply to the source, it would > transmit a tcp packet with src port 8080, but the source side is > expecting a tcp packet with src port 80. > > So my question is, how does the reverse path from dest back to the > src, at what point does the port number get rewritten from 8080 back > to 80, making the redirect transparent? Is this done by iptable > automatically on a redirect target? Yes. Stateful NAT takes care of both directions of the connection. -- To unsubscribe from this list: send the line "unsubscribe netfilter" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
