Re: Redirect ports on localhost

All of lore.kernel.org
 help / color / mirror / Atom feed

From: forum@users.pc9.org
To: netfilter@lists.netfilter.org
Subject: Re: Redirect ports on localhost
Date: Tue, 23 Mar 2004 20:01:02 -0600	[thread overview]
Message-ID: <jbm.20040323200102.07b7ea44@alkaid.pc9> (raw)
In-Reply-To: <406099AD.2070403@verio.net>

> I'm trying to redirect traffic on my DNS server. I have bind listening
> on port 5300 (UDP) instead of 53. I've got it working from the internal
> network but seem to have problem on redirecting localhost traffic. I've
> tried changing both PREROUTING and OUTPUT chains in the nat table but it
> doesn't seem to help.
> 
> iptables -A PREROUTING -t nat -p udp -i lo --dport domain -j REDIRECT
> --to-ports 5300

Absolutely incredible, within the past 15 minutes I have been trying to do 
the exact same thing with you -- also, with no luck. Using tcpdump I know 
that the port 53 packets are there, but from the DNS server logs I know 
that the packets never arrive at port 5300. I tried (unsuccessfuly) to add 
essentially the same PREROUTING rule.

Since this worked on my external interfaces but not lo, I'm thinking that 
maybe PREROUTING doesn't apply to lo? I don't know. The caveat I had 
encountered when doing this for another interface was making sure that the 
packet is accepted on that port in the INPUT chain, but that's not the case 
here for me.

-- 
forum@users.pc9.org

next prev parent reply	other threads:[~2004-03-24  2:01 UTC|newest]

Thread overview: 12+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-03-23 20:10 Redirect ports on localhost Ben Yerushalmi
2004-03-24  2:01 ` forum [this message]
2004-03-24  2:52   ` Mark E. Donaldson
2004-03-24  2:57     ` forum
2004-03-24  3:14 ` Alexander Samad
2004-03-24 20:31   ` al clethero
2004-03-24  5:15 ` Ben Yerushalmi
2004-03-25  7:34 ` Ben Yerushalmi
2004-03-26  5:35 ` Ben Yerushalmi
2004-03-26  6:07   ` forum
     [not found] <20040325193403.19216.70237.Mailman@vishnu.netfilter.org>
2004-03-25 19:47 ` Fabiano Bonin
2004-03-25 20:03   ` David Cannings

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=jbm.20040323200102.07b7ea44@alkaid.pc9 \
    --to=forum@users.pc9.org \
    --cc=netfilter@lists.netfilter.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.