On 13/01/2020 at 22:13, david NEW wrote:
Hi,
I am trying to route blocked ip set to IP:8080 where is info about
"you have been blocked"
table ip raw {
    set bad_ip {
        type ipv4_addr
        elements = { xxx.xxx.xxx.xxx }
    }
    chain prerouting {
        type filter hook prerouting priority -500; policy accept;
        nft add raw preroute ip saddr @bad_ip tcp dport { 80, 443 } ip daddr set xxx.xxx.xxx.xxx tcp dport set 8080 notrack
    }
}
netfilter doesn't complain about this rule but nothing
happens...connection timed out and nothing happened. I see no errors
in Apache2 logs.
I can see connection attempt in tcpdump but it is not redirected.
Any suggestion, please?
With nft 0.8.2 I couldn't make redirect work, I used dnat instead.
--
Daniel
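
A dnat-based form of the rule from the question, as an added example that is not taken from either poster. It sits in a nat-type chain without notrack, so conntrack records the translation and rewrites the block-page server's replies back to the address and port the client originally contacted; a stateless rewrite in the raw table leaves the replies untranslated. The table and chain names, the numeric priorities and both addresses (RFC 5737 documentation ranges) are assumptions.

```nft
# Added example; all addresses are constructed placeholders.
table ip nat {
    set bad_ip {
        type ipv4_addr
        elements = { 192.0.2.10 }    # constructed sample blocked client
    }

    chain prerouting {
        # nat hook: the first packet of a connection is translated and
        # conntrack applies the same mapping to the rest of the flow,
        # including the reverse mapping on reply packets.
        type nat hook prerouting priority -100; policy accept;

        # Blocked clients asking for HTTP/HTTPS land on the block page.
        ip saddr @bad_ip tcp dport { 80, 443 } dnat to 198.51.100.5:8080
    }

    chain postrouting {
        # Intentionally empty. Kernels before 4.18 need this chain
        # registered so the NAT engine sees reply-direction packets.
        type nat hook postrouting priority 100; policy accept;
    }
}
```

If 198.51.100.5 is another host, IP forwarding must be enabled and its replies must return through this machine. Clients that connected to port 443 expect TLS, so a plain-HTTP listener on 8080 will produce a handshake error for them rather than the block page.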