On Fri, 4 Mar 2016, Alex Barylo wrote:

> I have a server in a DC1 with a private IP, of say 10.10.10.10. This
> IP is NAT'd to a public IP, say 216.58.219.10 in this way:
>
> 216.58.219.10:8090 -> 10.10.10.10:8089
>
> I have a server in DC2 which knows about (and wants to connect to)
> 10.10.10.10:8089 but doesn't know about 216.58.219.10:8090 (long
> story).
>
> So I want to rewrite dest IP/port from 10.10.10.10:8089 to 216.58.219.10:8090.
>
> This is what I tried:
>
> # sysctl net.ipv4.ip_forward=1
> # iptables -t nat -A PREROUTING -p tcp --dest 10.10.10.10 --dport 8089
> -j DNAT --to 216.58.219.10:8090
> Any pointers are greatly appreciated.

Try adding the same rule also to the nat OUTPUT chain.

iptables -t nat -A OUTPUT -p tcp --dest 10.10.10.10 --dport 8089 -j DNAT --to 216.58.219.10:8090

c'ya
sven-haegar

-- 
Three may keep a secret, if two of them are dead.
- Ben F.
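Why the OUTPUT rule matters, as an added example that is not part of the original thread: a simplified Python model of which nat chain a new connection meets first, run over the two rules posted above. The helpers `parse_rule`, `nat_chain` and `route` and the `origin` labels are assumptions of this sketch, which models only the options used in the thread.

```python
import shlex

# Rules exactly as posted in the thread (minus the "iptables" command word).
RULES = [
    "-t nat -A PREROUTING -p tcp --dest 10.10.10.10 --dport 8089 -j DNAT --to 216.58.219.10:8090",
    "-t nat -A OUTPUT -p tcp --dest 10.10.10.10 --dport 8089 -j DNAT --to 216.58.219.10:8090",
]

def parse_rule(text):
    """Parse the small option subset used in the thread into a dict."""
    tok = shlex.split(text)
    opts = {tok[i]: tok[i + 1] for i in range(0, len(tok), 2)}
    ip, port = opts["--to"].rsplit(":", 1)
    return {"chain": opts["-A"], "proto": opts["-p"], "dest": opts["--dest"],
            "dport": int(opts["--dport"]), "to": (ip, int(port))}

def nat_chain(origin):
    """First nat chain a new connection meets (simplified model).

    'local'   : generated by a process on this host -> OUTPUT
    'network' : arrived on a network interface      -> PREROUTING
    """
    return {"local": "OUTPUT", "network": "PREROUTING"}[origin]

def route(rules, origin, proto, dest, dport):
    """Return the (ip, port) the connection is sent to after DNAT."""
    chain = nat_chain(origin)
    for r in map(parse_rule, rules):
        if (r["chain"], r["proto"], r["dest"], r["dport"]) == (chain, proto, dest, dport):
            return r["to"]          # first matching rule wins, as in iptables
    return (dest, dport)            # no rule matched: destination unchanged

if __name__ == "__main__":
    cases = (("PREROUTING only", RULES[:1]), ("PREROUTING + OUTPUT", RULES))
    for label, rules in cases:
        for origin in ("local", "network"):
            print(f"{label:20} {origin:8}", route(rules, origin, "tcp", "10.10.10.10", 8089))
```

With only the PREROUTING rule, a connection opened by a process on the same host keeps its original destination; that is the case the suggested OUTPUT rule covers.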