Re: Redirecting DNS Not Working

Linux Netfilter discussions
 help / color / mirror / Atom feed

From: Pascal Hambourg <pascal@plouf.fr.eu.org>
To: Andrew Beverley <andy@andybev.com>
Cc: netfilter@vger.kernel.org
Subject: Re: Redirecting DNS Not Working
Date: Sat, 16 Feb 2013 18:03:11 +0100	[thread overview]
Message-ID: <511FBBCF.70800@plouf.fr.eu.org> (raw)
In-Reply-To: <1361015492.10501.44.camel@andrew-desktop>

Andrew Beverley a écrit :
>> Nonsense. You should read the manpage more carefully.
>>
>> QUOTE
>>  REDIRECT
>>  This  target is only valid in the nat table, in the PREROUTING and OUT-
>>  PUT chains, and user-defined chains which are only  called  from  those
>>  chains.   It redirects the packet to the machine itself by changing the
>>  destination IP  to  the  primary  address  of  the  incoming  interface
>>  (locally-generated packets are mapped to the 127.0.0.1 address).
>> END OF QUOTE
> 
> Okay, I stand corrected, although I personally would still use the DNAT
> target for that use-case :)

Both can be used. DNAT gives more control, as it allows to specify the
destination address.

> Incidentally, the manpage stipulates "--to-ports" but the earlier
> example in the same manpage is "--to-port". Both seem to be accepted.
> Any difference?

No, it appears that partial options can be used (as long as they are
unambiguous, I guess). --to also works.

next prev parent reply	other threads:[~2013-02-16 17:03 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-02-15 16:24 Redirecting DNS Not Working John Corps
2013-02-15 16:35 ` Andrew Beverley
2013-02-15 16:56   ` John Corps
     [not found]   ` <CAFURDX-qor3-w4tVMt-aLfH2_tbNNz1KQwRHMA99MrzZL1UT9w@mail.gmail.com>
2013-02-15 17:05     ` Andrew Beverley
2013-02-15 17:28       ` John Corps
2013-02-15 18:13         ` Andrew Beverley
2013-02-15 18:46           ` John Corps
2013-02-15 19:15         ` Michael Ludvig
2013-02-15 19:19           ` John Corps
2013-02-16 11:35   ` Pascal Hambourg
2013-02-16 11:51     ` Andrew Beverley
2013-02-16 17:03       ` Pascal Hambourg [this message]
2013-02-15 18:04 ` /dev/rob0

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=511FBBCF.70800@plouf.fr.eu.org \
    --to=pascal@plouf.fr.eu.org \
    --cc=andy@andybev.com \
    --cc=netfilter@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox