From: Vigneswaran R <vignesh@atc.tcs.com>
To: Bram van den Hout <bram@legno.nl>
Cc: "netfilter@vger.kernel.org" <netfilter@vger.kernel.org>
Subject: Re: Rewrite destination IP
Date: Tue, 18 Mar 2014 09:51:08 +0530 [thread overview]
Message-ID: <5327C9B4.1050601@atc.tcs.com> (raw)
In-Reply-To: <zarafa.5326df90.0b5a.15412cab2d2a09ca@detroit>
On 03/17/2014 05:12 PM, Bram van den Hout wrote:
> Hi,
>
> Is it possible to change the destination IP address of an incoming packet and have a local running server proces on application layer answer to the changed IP address ?
>
> To be more clear. I have a hosting software suite that is configured to run on a registered public IP address (a.b.c.d).
> The actual server is behind a firewall and has a private IP address. I have configured a virtual interface with the public IP address a.b.c.d.
>
> eth0 Link encap:Ethernet HWaddr 00:0c:29:f5:10:9f
> inet addr:192.168.100.11 Bcast:192.168.100.255 Mask:255.255.255.0
>
> eth0:0 Link encap:Ethernet HWaddr 00:0c:29:f5:10:9f
> inet addr:a.b.c.d Bcast:a.b.c.d Mask:255.255.255.255
>
> Incoming packets have destination IP : 192.168.100.11.
> I would like to change the destination to a.b.c.d and have for instance a webserver listening on a.b.c.d:80 and with directive <virtualhost a.b.c.d:80> answer to that request.
>
> I have tried :
>
> iptables -t nat -A PREROUTING -i eth0 -d 192.168.100.11 -j NETMAP --to a.b.c.d/32
>
> When checking the result of this command with tcpdump, I don't see any translation.
Better, try to log the packets and see whether the translation happened
or not. Add the following rule,
iptables -I INPUT -d a.b.c.d -j LOG --log-prefix "[netfilter] "
Then ping 192.168.100.11 from another node. Now the log
(/var/log/messages or other custom log file) should have the
corresponding entries, if the translation happened properly. I just
tested now.
Regards,
Vignesh
>
> What am I missing ?
>
> Thank you very much for your response !
>
> Cheers,
>
> Bram
> --
> To unsubscribe from this list: send the line "unsubscribe netfilter" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
next prev parent reply other threads:[~2014-03-18 4:21 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-17 11:42 Rewrite destination IP Bram van den Hout
2014-03-18 4:21 ` Vigneswaran R [this message]
2014-03-18 5:52 ` Neal Murphy
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5327C9B4.1050601@atc.tcs.com \
--to=vignesh@atc.tcs.com \
--cc=bram@legno.nl \
--cc=netfilter@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox