iptables acting as a TCP proxy

Gavin Hamill gdh@acentral.co.uk
Mon, 15 Mar 2004 12:43:31 +0000

On Monday 15 March 2004 11:28, Antony Stone wrote:

> iptables -A PREROUTING -p tcp --dport 80 -d old.ip.add.ress -j DNAT --to
> new.ip.add.ress
> iptables -A FORWARD -p tcp --dport 80 -d new.ip.add.ress -j ACCEPT
> iptables -A POSTROUTING -p tcp --dport 80 -d new.ip.add.ress -j SNAT --to
> my.ip.add.ress

A thousand thanks, Antony - you're a giraffe among men - so walk tall :)

Yep this works a treat, and you're quite right the fact that requests will all 
come from the firewall doesn't matter :)