All of lore.kernel.org
 help / color / mirror / Atom feed
From: Grant Taylor <gtaylor@riverviewtech.net>
To: Toby <tobia.conforto@linux.it>
Cc: netfilter@lists.netfilter.org
Subject: Re: REDIRECT vs. DNAT (Was: HELP! Transparent Proxy using bridging...)
Date: Thu, 24 Mar 2005 10:08:58 -0600	[thread overview]
Message-ID: <4242E61A.3050308@riverviewtech.net> (raw)
In-Reply-To: <20050324122642.GA12171@ikkoku.ath.cx>

Yes, REDIRECT redirects traffic passing through the system to it's self, but it does not give you an option to send the traffic any where else.  If you want to send the traffic passing through the system to a different one on the LAN or where ever you need something other than redirect.  DNAT will send the packets to the other system but appear as if it is still coming from the original client system, thus SNAT makes the traffic appear to the system that you are sending the traffic to as if it is coming from the system that is doing the redirection.  The reason the traffic has to appear as if it is coming from the system doing the redirection is b/c the traffic must travel the same path (host IPs) in reverse as to not confuse the client system with the response coming from a different IP than the request was sent too.



Grant. . . .

Toby wrote:

> Jason Opperisano wrote:
> 
>>REDIRECT is a whole different beast from DNAT.
> 
> 
> As in?
> 
> Doesn't REDIRECT just do a DNAT to the machine's own address?
> 
> 
> Toby
> 



      reply	other threads:[~2005-03-24 16:08 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2005-03-24 12:26 REDIRECT vs. DNAT (Was: HELP! Transparent Proxy using bridging...) Toby
2005-03-24 16:08 ` Grant Taylor [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=4242E61A.3050308@riverviewtech.net \
    --to=gtaylor@riverviewtech.net \
    --cc=netfilter@lists.netfilter.org \
    --cc=tobia.conforto@linux.it \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.