[ale] port forwarding for iptables.

Jim Kinney jim.kinney at gmail.com
Tue Jun 9 13:50:36 EDT 2009


Id10T alert!

Time to pour more caffeine into me. I was wrong (my wife can verify
this). DNAT is the correct way to do this in the nat table in the
prerouting chain.

Funny... I run "man iptables" and it says "Jim's an Id10T - keep reading..."

Thanks for the correction!

On Tue, Jun 9, 2009 at 1:42 PM, JK <jknapka at kneuro.net> wrote:
> Jim Kinney wrote:
>> All of the -j LOG calls will never trigger because the packet has
>> already left the chain due to the line before it with the -j ACCEPT or
>> -j DNAT. Put the log before the jump call.
>>
>> -j REDIRECT is what you want to use. DNAT is for IP address. REDIRECT
>> is for port forwarding.
>
>
> If I am not mistaken, REDIRECT only allows you to forward to a port on
> the local machine.  If you want to forward on to another machine, you
> need DNAT.  "man iptables" backs me up on this, yay.
>
> -- JK
>
> --
> Still sigless.



-- 
James P. Kinney III
Actively in pursuit of Life, Liberty and Happiness
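
An added example (not part of the original thread): a small shell/awk check for the ordering problem discussed above, where a `-j LOG` rule placed after a matching `-j ACCEPT` or `-j DNAT` never triggers. The sample rule sets, the interface `eth0`, the ports and the address `192.0.2.10` are constructed for illustration.

```shell
#!/bin/sh
# Added example. Reads iptables-save style rules on stdin and reports LOG
# rules that can never fire because an earlier rule in the same table and
# chain, with an identical match, already ended traversal (ACCEPT, DNAT, ...).
# Only identical matches are compared; broader earlier matches are not detected.
lint_shadowed_log() {
    awk '
    /^\*/ { table = substr($1, 2); next }      # "*nat", "*filter", ...
    $1 == "-A" {
        m = ""; target = ""
        for (i = 3; i <= NF; i++) {
            if ($i == "-j") { target = $(i + 1); break }
            m = m " " $i
        }
        key = table "/" $2 "|" m
        if (target == "LOG" && (key in seen))
            printf "line %d: LOG in %s/%s never fires, -j %s on line %d matches first\n", NR, table, $2, tgt[key], seen[key]
        else if (target ~ /^(ACCEPT|DROP|REJECT|DNAT|SNAT|REDIRECT|MASQUERADE)$/ && !(key in seen)) {
            seen[key] = NR; tgt[key] = target
        }
    }'
}

# Constructed sample: the ordering described in the thread (LOG after DNAT).
rules_log_after() {
    cat <<'EOF'
*nat
-A PREROUTING -i eth0 -p tcp --dport 8080 -j DNAT --to-destination 192.0.2.10:80
-A PREROUTING -i eth0 -p tcp --dport 8080 -j LOG --log-prefix "fwd8080 "
COMMIT
EOF
}

# Constructed sample: LOG first, then DNAT in nat/PREROUTING to another host.
rules_log_before() {
    cat <<'EOF'
*nat
-A PREROUTING -i eth0 -p tcp --dport 8080 -j LOG --log-prefix "fwd8080 "
-A PREROUTING -i eth0 -p tcp --dport 8080 -j DNAT --to-destination 192.0.2.10:80
COMMIT
EOF
}

rules_log_after | lint_shadowed_log     # reports the shadowed LOG rule
rules_log_before | lint_shadowed_log    # prints nothing
```

On a live system the same function can be fed the output of `iptables-save`.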


