From: Jim Laurino <nfcan.x.jimlaur@dfgh.net>
To: netfilter@lists.netfilter.org
Subject: Re: Temporary redirection with DNAT and SNAT (nfcan: addressed to exclusive sender for this address)
Date: Tue, 26 Apr 2005 22:36:13 -0400 [thread overview]
Message-ID: <20050427023613.GC28992@salty> (raw)
In-Reply-To: <48be50bb0504261013137f3cd2@mail.gmail.com> (from +nfcan+jimlaur+e2c564b3f5.whereisgui#gmail.com@spamgourmet.com on Tue, Apr 26, 2005 at 13:13:57 -0400)
On 2005.04.26 13:13, Kirk - whereisgui@gmail.com wrote:
> Hello,
>
> I have to shutdown a proxy server for a few days and I need to
> redirect its traffic to a server behind an iptables firewall. Here's
> what I want to do:
>
snip
>
> But I'm having problems with the second part. The SNAT rule:
> -I POSTROUTING -s 192.168.0.3 --sport 2050 -o eth0 -j SNAT --to
> 130.17.174.108
>
> #This one seems OK too.
> -A PREROUTING -i eth0 -p tcp -d $PUBLIC_IP --dport 80 -j DNAT --to
> $PRIVATE_IP:2050
>
>
> The SNAT rule generates the error:
> Applying iptables firewall rules: iptables-restore v1.2.11: Unknown
> arg `--sport'
I think the difference is that the SNAT rule does not
specify the protocol the way the DNAT rule does ( -p tcp ).
You can only specify a source port for a
protocol that uses the concept of a "port".
>
> Could someone provide help to solve this problem?
>
HTH
--
Jim Laurino
nfcan.x.jimlaur@dfgh.net
Please reply to the list.
Only mail from the listserver reaches this address.
next prev parent reply other threads:[~2005-04-27 2:36 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-26 17:13 Temporary redirection with DNAT and SNAT Kirk
2005-04-27 2:36 ` Jim Laurino [this message]
2005-04-27 5:00 ` Taylor, Grant
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20050427023613.GC28992@salty \
--to=nfcan.x.jimlaur@dfgh.net \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.