* DNAT vs REDIRECT
@ 2009-06-05 10:01 Rakotomandimby Mihamina
2009-06-05 11:29 ` Покотиленко Костик
0 siblings, 1 reply; 3+ messages in thread
From: Rakotomandimby Mihamina @ 2009-06-05 10:01 UTC (permalink / raw)
To: netfilter
Hi,
On my gateway, I usually made a
-A INPUT ... -dport 80 ... -j REDIRECT 192.168.x.y:80
In order to reach the webserver located on the LAN.
What would be the difference if I use a DNAT instead?
What's the diferences between those?
--
Architecte Informatique:
Administration Système, Recherche et Développement.
Phone: +261 33 11 207 36
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: DNAT vs REDIRECT
2009-06-05 10:01 DNAT vs REDIRECT Rakotomandimby Mihamina
@ 2009-06-05 11:29 ` Покотиленко Костик
2009-06-05 19:57 ` How to send pat of traffic through local gateway Александр
0 siblings, 1 reply; 3+ messages in thread
From: Покотиленко Костик @ 2009-06-05 11:29 UTC (permalink / raw)
To: Rakotomandimby Mihamina; +Cc: netfilter
В Птн, 05/06/2009 в 13:01 +0300, Rakotomandimby Mihamina пишет:
> Hi,
> On my gateway, I usually made a
> -A INPUT ... -dport 80 ... -j REDIRECT 192.168.x.y:80
> In order to reach the webserver located on the LAN.
> What would be the difference if I use a DNAT instead?
>
> What's the diferences between those?
REDIRECT is like DNAT but for redirecting to a local machine only (INPUT
chain), DNAT is more universal, can be used not only for redirecting to
a local machine but also to a remote (PREROUTING chain).
--
Покотиленко Костик <casper@meteor.dp.ua>
^ permalink raw reply [flat|nested] 3+ messages in thread
* How to send pat of traffic through local gateway
2009-06-05 11:29 ` Покотиленко Костик
@ 2009-06-05 19:57 ` Александр
0 siblings, 0 replies; 3+ messages in thread
From: Александр @ 2009-06-05 19:57 UTC (permalink / raw)
To: netfilter
i trying to change gateway for jabber s2s traffic, but have problems with it, my
provider make forwarding for 5269 port to\from my machine, and incomming traffic
come to me right, i asking about how i can use this local gateway on eth0
interface instead of my default gateway on ppp0 interface.
this what i have tryed:
iptables -t mangle -A PREROUTING -p tcp --dport 5269 -j CONNMARK --restore-
mark
iptables -t mangle -A PREROUTING -p tcp --dport 5269 -j MARK --set-mark 1
iptables -t mangle -A OUTPUT -p tcp --dport 5269 -j MARK --set-mark 1
iptables -t mangle -A POSTROUTING -p tcp --dport 5269 -j CONNMARK --save-mark
and for routing:
ip rule add from all fwmark 1 table viks_gw
ip route add default via 172.18.0.1 dev eth0 table viks_gw
after this, test it with tcptraceroute
tcptraceroute -i eth0 -s 172.18.13.13(my local ip which is necessary to be
172.18.13.13) jabber.ru 5269
this works.
but traffic from ejabberd generated with interface ppp0 and its own ip, not my
local ip, can i somehow modify this packets (like SNAT), ot i need to do
something with ip route ?
thx in advance.
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2009-06-05 19:57 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2009-06-05 10:01 DNAT vs REDIRECT Rakotomandimby Mihamina
2009-06-05 11:29 ` Покотиленко Костик
2009-06-05 19:57 ` How to send pat of traffic through local gateway Александр
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).