REDIRECT with iptables
Elewitz, Dovid
Dovid.Elewitz@viatel.com
Wed, 25 Apr 2001 10:14:31 -0500
>iptables -A PREROUTING -p tcp --dport 80:83 -j REDIRECT --to-port 8081
Add '-t nat': iptables -t nat -A PREROUTING -p tcp --dport 80:83 -j REDIRECT
--to-port 8081
Dovid
-----Original Message-----
From: Daniel Bidwell [mailto:bidwell@andrews.edu]
Sent: Wednesday, April 25, 2001 10:25 AM
To: Derrik Pates
Cc: netfilter@lists.samba.org
Subject: Re: REDIRECT with iptables
On Wed, Apr 25, 2001 at 07:29:23AM -0600, Derrik Pates wrote:
> On Wed, 25 Apr 2001, Daniel Bidwell wrote:
>
> > I am tryin to "-j REDIRECT --to-port xxx" with iptables-1.2.1a and linux
> > 2.4.3 and am getting an "Invalid argument" back. Is there a seperate
> > kernel compile time flag that I need to do REDIRECT's?
>
> If you built support for the REDIRECT target into the kernel (or as a
> module), it should work. You do realize you can only put REDIRECT and DNAT
> rules in the PREROUTING chain of the nat table, right?
>
My kernel .config (linux 2.4.3) has:
CONFIG_IP_NF_TARGET_REDIRECT=y
and here are a couple of my iptable rules:
iptables -A PREROUTING -p tcp --dport 80:83 -j REDIRECT --to-port 8081
Which returns with:
iptables: Invalid argument
Anything else obviously wrong?
--
Daniel R. Bidwell | bidwell@andrews.edu
Andrews University Information Technology Services
If two always agree, one of them is unnecessary
"Friends don't let friends do DOS"
"In theory, theory and practice are the same.
In practice, however, they are not."
No tema al pinguino.