From: Alex Tang <altitude@funkware.com>
To: netfilter@lists.netfilter.org
Subject: Re: redirect 127.0.0.1:25 -> 127.0.0.1:2000
Date: Fri, 18 May 2007 15:46:04 -0700 [thread overview]
Message-ID: <464E2CAC.8060702@funkware.com> (raw)
In-Reply-To: <464E2A63.3020903@funkware.com>
ARGH. Sorry about my premature previous post...lemme try this again...
Hi again,
In looking through the mail archive, i see this thread,
http://lists.netfilter.org/pipermail/netfilter/2004-November/057098.html
which answered my question.
I verified that the kernel had IP_NF_NAT_LOCAL set to y, and i see that
I was missing the "iptables -t nat -A OUTUPT" line. Everything works
now. Whoohoo!
Thanks.
...alex...
Alex Tang wrote:
> Hi folks.
>
> I'm using a nat PREROUTING rule to forward all connections from port
> 25 to port 2000. This works fine for all addresses except for localhost.
>
> the rule i'm using is: "-A PREROUTING -p tcp -m tcp --dport 25 -j
> REDIRECT --to-ports 2000" (CentOS4, kernel 2.6.9-55, iptables-1.2.11)
>
> For example, on my machine: foobar.example.com
>
> If i telnet from any machine other than foobar.example.com to
> foobar.example.com:25, the connection is redirected properly to
> foobar.example.com:2000.
> However, if i telnet from foobar.example.com to localhost:25, i get a
> connection refused.
> Telnetting to from foobar.example.com to localhost:2000 works fine (as
> expected)
>
> Telnetting from foobar.example.com to foobar.example.com:25 also does
> not work.
>
> I know that you can't do prerouting from localhost -> some.other.host
> (or vice versa), but i thought localhost->localhost would work.
>
> Am i screwing up the rule? Should I add another rule? Or am i just SOL.
>
> Thanks.
>
> ...alex...
>
>
next prev parent reply other threads:[~2007-05-18 22:46 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2007-05-18 22:36 redirect 127.0.0.1:25 -> 127.0.0.1:2000 Alex Tang
2007-05-18 22:42 ` Alex Tang
2007-05-18 22:46 ` Alex Tang [this message]
2007-05-23 7:43 ` Jan Engelhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=464E2CAC.8060702@funkware.com \
--to=altitude@funkware.com \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.