Re: [netfilter-core] 1.3.6 and newer disallows IP ADDRESS argument to REDIRECT

Linux Netfilter development
 help / color / mirror / Atom feed

* Re: [netfilter-core] 1.3.6 and newer disallows IP ADDRESS argument to REDIRECT
       [not found] <062320081433.10930.485FB42B0002149300002AB22209224627020A9A9E0C030A050703@comcast.net>
@ 2008-06-23 16:21 ` Patrick McHardy
  0 siblings, 0 replies; only message in thread
From: Patrick McHardy @ 2008-06-23 16:21 UTC (permalink / raw)
  To: mikemcquen; +Cc: coreteam, Netfilter Development Mailinglist

Please post questions like this to netfilter-devel.

mikemcquen@comcast.net wrote:
> why?
> There is no longer a mechanism for doing this:
> 
> iptables -t -nat -A PREROUTING -i  eth0 -p tcp -m tcp --dport 443 -j REDIRECT --to 1.1.1.1
> 
> I just replaced a bunch of proxy machines and my config no longer works!

This was never supported, REDIRECT always choses the
first IP from the incoming device.

My guess is that you either used DNAT before or the
argument parser used to be less strict and ignored
unknown arguments.

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2008-06-23 16:21 UTC | newest]

Thread overview: (only message) (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
     [not found] <062320081433.10930.485FB42B0002149300002AB22209224627020A9A9E0C030A050703@comcast.net>
2008-06-23 16:21 ` [netfilter-core] 1.3.6 and newer disallows IP ADDRESS argument to REDIRECT Patrick McHardy

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox